CVE-2016-3227: Use After Free
First published: Thu Jun 16 2016(Updated: )
Use-after-free vulnerability in the DNS Server component in Microsoft Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Server Use After Free Vulnerability."
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows Server | =gold | |
| Microsoft Windows Server | =r2 | |
| Microsoft Windows Server | =r2 | |
| Microsoft Windows Server | =r2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-3227?
CVE-2016-3227 is rated as critical due to its potential to allow remote attackers to execute arbitrary code.
How do I fix CVE-2016-3227?
To fix CVE-2016-3227, apply the security updates provided by Microsoft for affected versions of Windows Server 2012.
What components are affected by CVE-2016-3227?
CVE-2016-3227 affects the DNS Server component in Microsoft Windows Server 2012 Gold and R2.
Who can exploit CVE-2016-3227?
CVE-2016-3227 can be exploited by remote attackers through crafted DNS requests.
What are the potential impacts of CVE-2016-3227?
The potential impacts of CVE-2016-3227 include unauthorized remote code execution and possible system compromise.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft windows server
- version/microsoft windows server/gold
- version/microsoft windows server/r2