| ID |
CVE-2015-1758
|
| Summary |
Untrusted search path vulnerability in the LoadLibrary function in the kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, aka "Windows LoadLibrary EoP Vulnerability." CWE-426: Untrusted Search Path
https://cwe.mitre.org/data/definitions/426.html |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:x64:*
-
cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:x86:*
-
cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
|
| CVSS |
| Base: | 6.9 (as of 12-10-2018 - 22:09) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:L/AC:M/Au:N/C:C/I:C/A:C
|
| msbulletin
via4
|
| bulletin_id | MS15-063 | | bulletin_url | | | date | 2015-06-09T00:00:00 | | impact | Elevation of Privilege | | knowledgebase_id | 3063858 | | knowledgebase_url | | | severity | Important | | title | Vulnerability in Windows Kernel Could Allow Elevation of Privilege |
|
| refmap
via4
|
| bid | 75004 | | jvn | JVN#18146081 | | jvndb | JVNDB-2015-000086 | | sectrack | 1032527 |
|
| Last major update |
12-10-2018 - 22:09 |
| Published |
10-06-2015 - 01:59 |
| Last modified |
12-10-2018 - 22:09 |
