Numeric Errors

CVE-2016-1715

Medium

6.6/10

Summary

The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service (memory corruption and system crash) or gain privileges via a 768 syscall, which triggers a zero to be written to an arbitrary kernel memory location.

Attack Complexity: HIGH
Attack Vector: LOCAL
Integrity Impact: LOW
Scope: CHANGED
User Interaction: REQUIRED
Privileges Required: LOW
Confidentiality Impact: LOW
Availability Impact: HIGH

CWE-189 - Numeric Errors

Weaknesses in this category are related to improper calculation or conversion of numbers.

References

Advisory Timeline

Published Jan 12, 2016

Numeric Errors

CVE-2016-1715

Summary

CWE-189 - Numeric Errors

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS