CVE-2016-7255

ENISA EUVD: EUVD-2016-8111 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 5, 2026 3 articles

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

89.56%

probability

This CVE has a 89.56% probability of being exploited in the next 30 days.

0% Top 99.6th percentile of all CVEs 100%

CVSS v3.1

Source: NVD

7.8

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

Project Zero

Memory corruption in NtUserSetWindowLongPtr

Affected Products

Google Project Zero

Discovered

Oct. 21, 2016

Patched

Nov. 8, 2016

Reported by

Feike Hacquebord, Peter Pi, and Brooks Li of Trend Micro, Neel Mehta and Billy Leonard of Google’s Threat Analysis Group

Root Cause Analysis

???

Exploits & PoC

yuvatia/page-table-exploitation

A demonstration of how page tables can be used to run arbitrary code in ring-0 and lead to a privesc. Uses CVE-2016-7255 as an example.

heh3/CVE-2016-7255

PoC CVE-2016-7255 — heh3/CVE-2016-7255

bbolmin/cve-2016-7255_x86_x64

porting CVE-2016-7255 to x86 for educational purposes.

3 repos — triés par ⭐ Rechercher sur GitHub ↗

Patch Tuesday: Microsoft Patches Actively Exploited Kernel and OpenType Font, Three Previously Disclosed Browser Issues and SQL Server

Qualys Nov 08, 2016

Microsoft Patches Windows Zero-Day Flaw Disclosed by Google

TheHackerNews

Researchers Fingerprint Exploit Developers Who Help Several Malware Authors

TheHackerNews

Signal Intelligence

Confidenceⓘ

95%

EPSS 89.56%

CVSS v3.1 7.8

Mentions 3

Last Seen Nov 08, 2016

CNA Information

Analyst Note

Auto-imported from Google Project Zero — confirmed zero-day by definition.

Threat Actors 1

Turla Group

apt_group Information theft and espionage Russian Federation

Triage Info

Decided atMar 05, 2026