CVE-2016-1715

medium

Trellix

CVSS v3 Base Score

6.6

CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H

EPSS Score

0.4%

Exploitation probability in 30 days

Top 40% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

Required

Confidentiality

Low

Integrity

Low

Availability

High

Published: January 12, 2016 (3775 days ago)

Last Modified: May 6, 2026

Vendor: Trellix

Source: NVD

Description

The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service (memory corruption and system crash) or gain privileges via a 768 syscall, which triggers a zero to be written to an arbitrary kernel memory location.

CWE

CWE-189

Affected Products

microsoft windowsmcafee application control

References

🔗 www.zerodayinitiative.com 🔗 kc.mcafee.com 🔗 www.zerodayinitiative.com 🔗 kc.mcafee.com

CVE-2016-1715

Vulnerability Report

Description

CWE

Affected Products

References