Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-3216)

An information disclosure vulnerability exists when the Windows Graphics Device Interface (GDI32.dll) fails to properly handle objects in memory, allowing an attacker to retrieve information that could lead to an Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited this vulnerability could cause an information disclosure that could that be used to bypass the ASLR security feature, which protects users from a broad class of vulnerabilities.