Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Console allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "GDI+ Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3262.
结论预警: CVE-2016-3263 综合评估为中等风险(61.3/100):CVSS 技术影响为中级,利用概率偏高(EPSS 31.98%,百分位 98%) 核心证据: EPSS 显示该漏洞近期被利用的可能性处于高位。 近一日 EPSS 上升 +12.91%,被利用关注度持续升高。 强制指令: 被利用概率偏高—请排查暴露面并优先安排修补。
风险随态势动态变化;本站持续评估并同步更新本页展示内容。
EPSS 日更估计相对被利用可能性;百分位表示该 CVE 在已评分漏洞中的相对排名(越高表示相对更严重)。
| # | 日期 | 旧 EPSS 分数 | 新 EPSS 分数 | 变化(新 − 旧) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 19.06% | 31.98% | +12.91% |
| 2 | 2025-05-27 | 22.85% | 19.06% | -3.79% |
| 3 | 2025-03-30 | — | 22.85% | — |
完整 EPSS 历史 (共 18 条)
该 CVE 的 CVSS 指标。
| 底座分 | 版本 | 严重度 | 向量 | 可利用性 | 影响 | 分数来源 |
|---|---|---|---|---|---|---|
| 5.5 | 3.0 | MEDIUM |
|
1.8 | 3.6 | [email protected] |
| 5.0 | 2.0 | MEDIUM |
|
10.0 | 2.9 | [email protected] |
| 厂商 | 产品 | 版本 | 原始 CPE |
|---|---|---|---|
| microsoft | live_meeting | 2007 | cpe:2.3:a:microsoft:live_meeting:2007:*:*:*:*:*:*:* |
| microsoft | lync | 2010 | cpe:2.3:a:microsoft:lync:2010:*:*:*:*:*:*:* |
| microsoft | lync | 2010 | cpe:2.3:a:microsoft:lync:2010:*:attendee:*:*:*:*:* |
| microsoft | lync | 2013 | cpe:2.3:a:microsoft:lync:2013:sp1:*:*:*:*:*:* |
| microsoft | office | 2007 | cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:* |
| microsoft | office | 2010 | cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:* |
| microsoft | skype_for_business | 2016 | cpe:2.3:a:microsoft:skype_for_business:2016:*:*:*:*:*:*:* |
| microsoft | word_viewer | — | cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:* |
| microsoft | windows_10 | — | cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1511 | cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1607 | cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:* |
| microsoft | windows_7 | — | cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* |
| microsoft | windows_8.1 | — | cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:* |
| microsoft | windows_rt_8.1 | — | cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:* |
| microsoft | windows_server_2008 | — | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008 | r2 | cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:* |
| microsoft | windows_server_2012 | — | cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* |
| microsoft | windows_server_2012 | r2 | cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* |
| microsoft | windows_vista | — | cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* |