VYPR
Medium severity5.5NVD Advisory· Published Oct 14, 2016· Updated Jun 17, 2026

CVE-2016-3209

CVE-2016-3209

Description

Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; Live Meeting 2007 Console; .NET Framework 3.0 SP2, 3.5, 3.5.1, 4.5.2, and 4.6; and Silverlight 5 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "True Type Font Parsing Information Disclosure Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

33
  • cpe:2.3:a:microsoft:live_meeting:2007:*:*:*:*:*:*:*
  • Microsoft/Lync4 versions
    cpe:2.3:a:microsoft:lync:2010:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:microsoft:lync:2010:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:lync:2010:*:attendee:*:*:*:*:*
    • cpe:2.3:a:microsoft:lync:2013:sp1:*:*:*:*:*:*
    • (no CPE)range: 2013 SP1; 2010; 2010 Attendee
  • cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*
    • (no CPE)range: 3.0 SP2, 3.5, 3.5.1, 4.5.2, and 4.6
  • Microsoft/Office3 versions
    cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
    • (no CPE)range: 2007 SP3; 2010 SP2
  • cpe:2.3:a:microsoft:silverlight:5.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:silverlight:5.0:*:*:*:*:*:*:*
    • (no CPE)range: 5
  • cpe:2.3:a:microsoft:skype_for_business:2016:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:skype_for_business:2016:*:*:*:*:*:*:*
    • (no CPE)range: 2016
  • cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*
    • (no CPE)
  • cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
  • Microsoft/Windows2 versions
    cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
    • (no CPE)range: Vista SP2; Server 2008 SP2 and R2 SP1; 7 SP1; 8.1; Server 2012 Gold and R2; RT 8.1; 10 Gold, 1511, and 1607

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.