VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
cvssv3	7.4	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json
epss	0.09412	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.09412	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.09412	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.09412	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.09412	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.10643	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.10643	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.10643	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.1174	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.1174	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.15415	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.15415	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.15415	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.15415	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.15415	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.15415	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.15415	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.15415	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
epss	0.15415	https://api.first.org/data/v1/epss?cve=CVE-2016-1247
cvssv2	5.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
archlinux	High	https://security.archlinux.org/AVG-138
archlinux	High	https://security.archlinux.org/AVG-139

System

Score

Found at

cvssv3

7.4

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json

epss

0.09412

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.09412

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.09412

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.09412

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.09412

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.10643

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.10643

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.10643

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.1174

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.1174

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.15415

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.15415

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.15415

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.15415

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.15415

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.15415

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.15415

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.15415

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

epss

0.15415

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

cvssv2

5.5

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

archlinux

High

https://security.archlinux.org/AVG-138

archlinux

High

https://security.archlinux.org/AVG-139

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json
		https://api.first.org/data/v1/epss?cve=CVE-2016-1247
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1390182		https://bugzilla.redhat.com/show_bug.cgi?id=1390182
842295		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842295
ASA-201701-23		https://security.archlinux.org/ASA-201701-23
ASA-201701-24		https://security.archlinux.org/ASA-201701-24
AVG-138		https://security.archlinux.org/AVG-138
AVG-139		https://security.archlinux.org/AVG-139
CVE-2016-1247	Exploit	http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html
CVE-2016-1247	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40768.sh
USN-3114-1		https://usn.ubuntu.com/3114-1/

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

1390182

https://bugzilla.redhat.com/show_bug.cgi?id=1390182

842295

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842295

ASA-201701-23

https://security.archlinux.org/ASA-201701-23

ASA-201701-24

https://security.archlinux.org/ASA-201701-24

AVG-138

https://security.archlinux.org/AVG-138

AVG-139

https://security.archlinux.org/AVG-139

CVE-2016-1247

Exploit

http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html

CVE-2016-1247

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40768.sh

USN-3114-1

https://usn.ubuntu.com/3114-1/

Data source	Exploit-DB
Date added	Nov. 16, 2016
Description	Nginx (Debian Based Distros + Gentoo) - 'logrotate' Local Privilege Escalation
Ransomware campaign use	Unknown
Source publication date	Nov. 16, 2016
Exploit type	local
Platform	linux
Source update date	Nov. 16, 2017
Source URL	http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html

Exploit-DB

Nov. 16, 2016

Nginx (Debian Based Distros + Gentoo) - 'logrotate' Local Privilege Escalation

Unknown

Nov. 16, 2016

local

linux

Nov. 16, 2017

http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:38:26.218962+00:00	Ubuntu USN Importer	Import	https://usn.ubuntu.com/3114-1/	37.0.0

2025-07-31T08:38:26.218962+00:00

Ubuntu USN Importer

Import

https://usn.ubuntu.com/3114-1/

37.0.0

Vulnerability ID	VCID-gxt7-8fgz-mbd8
Aliases	CVE-2016-1247
Summary
Status	Published
Exploitability	2.0
Weighted Severity	8.0
Risk	10.0
Affected and Fixed Packages	Package Details

Percentile	0.92488
EPSS Score	0.09412
Published At	Sept. 9, 2025, 12:55 p.m.