{"containers": {"cna": {"affected": [{"product": "Quadro, NVS, GeForce (all versions)", "vendor": "n/a", "versions": [{"status": "affected", "version": "Quadro, NVS, GeForce (all versions)"}]}], "datePublic": "2016-11-08T00:00:00", "descriptions": [{"lang": "en", "value": "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path."}], "problemTypes": [{"descriptions": [{"description": "Escalation of Privileges", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-13T17:57:01", "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.lenovo.com/us/en/product_security/ps500070"}, {"name": "93251", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/93251"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2016-5852", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Quadro, NVS, GeForce (all versions)", "version": {"version_data": [{"version_value": "Quadro, NVS, GeForce (all versions)"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Escalation of Privileges"}]}]}, "references": {"reference_data": [{"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", "refsource": "CONFIRM", "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"}, {"name": "https://support.lenovo.com/us/en/product_security/ps500070", "refsource": "CONFIRM", "url": "https://support.lenovo.com/us/en/product_security/ps500070"}, {"name": "93251", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93251"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:15:10.785Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.lenovo.com/us/en/product_security/ps500070"}, {"name": "93251", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/93251"}]}]}, "cveMetadata": {"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "assignerShortName": "nvidia", "cveId": "CVE-2016-5852", "datePublished": "2016-11-08T20:37:00", "dateReserved": "2016-06-28T00:00:00", "dateUpdated": "2024-08-06T01:15:10.785Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*", "matchCriteriaId": "F36E098A-0BCE-41CF-8AF6-3C32E18C8256", "versionEndIncluding": "-", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", "matchCriteriaId": "26641568-53CE-4606-B2CA-C25A97795A50", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", "matchCriteriaId": "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", "matchCriteriaId": "05A831E4-1119-45F0-B9A0-4D948ECD47E6", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", "matchCriteriaId": "1F50D6AC-3D1E-4E54-8422-B717456F6257", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", "matchCriteriaId": "03CBD29C-A606-45DE-B2FB-8572B986A4F0", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", "matchCriteriaId": "44BF5DC1-4609-4F34-9511-785F7B119ADE", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", "matchCriteriaId": "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", "matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", "matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", "matchCriteriaId": "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", "matchCriteriaId": "3EAB33B6-E270-4C11-8E57-2BE127C86134", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B376C04-8A35-42E7-8937-1A466E89639A", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", "matchCriteriaId": "F13EE983-724F-472B-BCF5-B416D1DF27E1", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", "matchCriteriaId": "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", "matchCriteriaId": "41B48700-10AB-4194-94BC-D0F177D0B56A", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", "matchCriteriaId": "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", "matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", "matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", "matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", "matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", "matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", "matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", "matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", "matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", "matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path."}, {"lang": "es", "value": "Para los productos NVIDIA Quadro, NVS y GeForce, vulnerabilidades de ruta de servicio no citadas GFE GameStream y NVTray Plugin son ejemplos de la vulnerabilidad de ruta de servicio no citado en Windows. Una explotaci\u00f3n exitosa de una instalaci\u00f3n de servicio vulnerable puede habilitar c\u00f3digo malicioso para ejecutar en el sistema en el nivel de privilegios sistema/usuario. La ID CVE-2016-5852 es para la ruta de servicio no citada NVTray Plugin."}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/428.html\">CWE-428: Unquoted Search Path or Element</a>", "id": "CVE-2016-5852", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-11-08T20:59:05.787", "references": [{"source": "psirt@nvidia.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"}, {"source": "psirt@nvidia.com", "url": "http://www.securityfocus.com/bid/93251"}, {"source": "psirt@nvidia.com", "url": "https://support.lenovo.com/us/en/product_security/ps500070"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/93251"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.lenovo.com/us/en/product_security/ps500070"}], "sourceIdentifier": "psirt@nvidia.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}