Immunity, Inc.
Name: ms16_111
CVE: CVE-2016-3371
Exploit Pack: CANVAS
Description: MS16-111 Registry Hive Hijack
Notes:
CVE Name: CVE-2016-3371
VENDOR: Microsoft
Notes:
Tested against:
Windows 10 x64 EN (both Chinese and English usernames) - SUCCESSFUL EOP


Windows XP x86 - EXECUTABLE DOES NOT RUN
Windows 7 x86 - NOT VULNERABLE
Windows Server 2008 R2 x86_64 - NOT VULNERABLE

Windows 8.1 x86 - SUCCESSFUL EOP
Windows 8.1 x64 - SUCCESSFUL EOP

Credit to James Forshaw of Google Project Zero for exposing the vulnerability and inspiring us with an exploitation technique.


Repeatability: Infinite
References:
https://technet.microsoft.com/en-us/library/security/ms16-111.aspx
https://bugs.chromium.org/p/project-zero/issues/detail?id=865
CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3371
