var-201501-0425
Vulnerability from variot
The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light protection mechanism and read the contents of arbitrary process-memory locations by leveraging administrative privileges, aka "Windows Error Reporting Security Feature Bypass Vulnerability.". Samsungwssyncmlnps is a software update service in Samsung's smartphones in South Korea. Kiesrestore is one of the system recovery features. A directory traversal vulnerability exists in Kiesrestore in versions prior to Samsungwssyncmlnps2015-10-31. An attacker could exploit this vulnerability to write to any file. Local attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Successful exploits may lead to other attacks
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201501-0425", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "windows server 2012", "scope": "eq", "trust": 2.4, "vendor": "microsoft", "version": "r2" }, { "model": "windows server 2012", "scope": "eq", "trust": 1.6, "vendor": "microsoft", "version": null }, { "model": "windows 8.1", "scope": "eq", "trust": 1.6, "vendor": "microsoft", "version": null }, { "model": "windows 8", "scope": "eq", "trust": 1.6, "vendor": "microsoft", "version": null }, { "model": "windows rt", "scope": "eq", "trust": 1.6, "vendor": "microsoft", "version": null }, { "model": "windows rt 8.1", "scope": "eq", "trust": 1.6, "vendor": "microsoft", "version": null }, { "model": "windows 8", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for 32-bit systems" }, { "model": "windows 8", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for x64-based systems" }, { "model": "windows 8.1", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for 32-bit systems" }, { "model": "windows 8.1", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for x64-based systems" }, { "model": "windows rt", "scope": null, "trust": 0.8, "vendor": "microsoft", "version": null }, { "model": "windows rt 8.1", "scope": null, "trust": 0.8, "vendor": "microsoft", "version": null }, { "model": "windows server 2008", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for 32-bit systems sp2 (server core install )" }, { "model": "windows server 2008", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for x64-based systems sp2 (server core install )" }, { "model": "windows server 2008", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "r2 for x64-based systems sp1 (server core install )" }, { "model": "windows server 2012", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "none" }, { "model": "windows server 2012", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "(server core install )" }, { "model": "windows server 2012", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "r2 (server core install )" }, { "model": "wssyncmlnps", "scope": "lt", "trust": 0.6, "vendor": "samsung", "version": "2015-10-31" }, { "model": "windows vista service pack", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "20" }, { "model": "windows server r2 for x64-based systems sp1", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "2008" }, { "model": "windows server for x64-based systems sp2", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "2008" }, { "model": "windows server for itanium-based systems sp2", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "2008" }, { "model": "windows server for 32-bit systems sp2", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "2008" }, { "model": "windows server itanium sp2", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "2003" }, { "model": "windows server sp2", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "2003" }, { "model": "windows for x64-based systems sp1", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "7" }, { "model": "windows for 32-bit systems sp1", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "7" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-07229" }, { "db": "BID", "id": "71927" }, { "db": "JVNDB", "id": "JVNDB-2015-001030" }, { "db": "CNNVD", "id": "CNNVD-201501-249" }, { "db": "NVD", "id": "CVE-2015-0001" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:microsoft:windows_8", "vulnerable": true }, { "cpe22Uri": "cpe:/o:microsoft:windows_8.1", "vulnerable": true }, { "cpe22Uri": "cpe:/o:microsoft:windows_rt", "vulnerable": true }, { "cpe22Uri": "cpe:/o:microsoft:windows_rt_8.1", "vulnerable": true }, { "cpe22Uri": "cpe:/o:microsoft:windows_server_2008", "vulnerable": true }, { "cpe22Uri": "cpe:/o:microsoft:windows_server_2012", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-001030" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Alex Ionescu of Winsider Seminars \u0026 Solutions Inc. and CrowdStrike Inc.", "sources": [ { "db": "BID", "id": "71927" } ], "trust": 0.3 }, "cve": "CVE-2015-0001", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.4, "id": "CVE-2015-0001", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 1.8, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "CNVD-2017-07229", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2015-0001", "trust": 1.0, "value": "LOW" }, { "author": "NVD", "id": "CVE-2015-0001", "trust": 0.8, "value": "Low" }, { "author": "CNVD", "id": "CNVD-2017-07229", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201501-249", "trust": 0.6, "value": "LOW" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-07229" }, { "db": "JVNDB", "id": "JVNDB-2015-001030" }, { "db": "CNNVD", "id": "CNNVD-201501-249" }, { "db": "NVD", "id": "CVE-2015-0001" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light protection mechanism and read the contents of arbitrary process-memory locations by leveraging administrative privileges, aka \"Windows Error Reporting Security Feature Bypass Vulnerability.\". Samsungwssyncmlnps is a software update service in Samsung\u0027s smartphones in South Korea. Kiesrestore is one of the system recovery features. A directory traversal vulnerability exists in Kiesrestore in versions prior to Samsungwssyncmlnps2015-10-31. An attacker could exploit this vulnerability to write to any file. \nLocal attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Successful exploits may lead to other attacks", "sources": [ { "db": "NVD", "id": "CVE-2015-0001" }, { "db": "JVNDB", "id": "JVNDB-2015-001030" }, { "db": "CNVD", "id": "CNVD-2017-07229" }, { "db": "BID", "id": "71927" } ], "trust": 2.43 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2015-0001", "trust": 3.3 }, { "db": "BID", "id": "71927", "trust": 1.3 }, { "db": "SECUNIA", "id": "62134", "trust": 1.0 }, { "db": "PACKETSTORM", "id": "134392", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2015-001030", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2017-07229", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201501-249", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-07229" }, { "db": "BID", "id": "71927" }, { "db": "JVNDB", "id": "JVNDB-2015-001030" }, { "db": "CNNVD", "id": "CNNVD-201501-249" }, { "db": "NVD", "id": "CVE-2015-0001" } ] }, "id": "VAR-201501-0425", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2017-07229" } ], "trust": 1.6 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-07229" } ] }, "last_update_date": "2024-11-23T22:07:29.302000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "MS15-006", "trust": 0.8, "url": "https://technet.microsoft.com/en-us/library/security/ms15-006" }, { "title": "MS15-006", "trust": 0.8, "url": "https://technet.microsoft.com/ja-jp/library/security/ms15-006" }, { "title": "Samsungwssyncmlnps directory traversal vulnerability patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/94084" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-07229" }, { "db": "JVNDB", "id": "JVNDB-2015-001030" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-001030" }, { "db": "NVD", "id": "CVE-2015-0001" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.0, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99513" }, { "trust": 1.0, "url": "http://www.securityfocus.com/bid/71927" }, { "trust": 1.0, "url": "http://secunia.com/advisories/62134" }, { "trust": 1.0, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99514" }, { "trust": 1.0, "url": "http://packetstormsecurity.com/files/134392/microsoft-windows-8.1-ahcache.sys-ntapphelpcachecontrol-privilege-escalation.html" }, { "trust": 1.0, "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-006" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0001" }, { "trust": 0.8, "url": "http://www.ipa.go.jp/security/ciadr/vul/20150114-ms.html" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/at/2015/at150001.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0001" }, { "trust": 0.8, "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15213" }, { "trust": 0.6, "url": "https://github.com/ud2/advisories/tree/master/android/samsung/nocve-2015-0001" }, { "trust": 0.6, "url": "http://technet.microsoft.com/security/bulletin/ms15-006" }, { "trust": 0.3, "url": "http://www.microsoft.com" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-07229" }, { "db": "BID", "id": "71927" }, { "db": "JVNDB", "id": "JVNDB-2015-001030" }, { "db": "CNNVD", "id": "CNNVD-201501-249" }, { "db": "NVD", "id": "CVE-2015-0001" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2017-07229" }, { "db": "BID", "id": "71927" }, { "db": "JVNDB", "id": "JVNDB-2015-001030" }, { "db": "CNNVD", "id": "CNNVD-201501-249" }, { "db": "NVD", "id": "CVE-2015-0001" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-05-23T00:00:00", "db": "CNVD", "id": "CNVD-2017-07229" }, { "date": "2015-01-13T00:00:00", "db": "BID", "id": "71927" }, { "date": "2015-01-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-001030" }, { "date": "2015-01-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201501-249" }, { "date": "2015-01-13T22:59:00.050000", "db": "NVD", "id": "CVE-2015-0001" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-05-23T00:00:00", "db": "CNVD", "id": "CNVD-2017-07229" }, { "date": "2015-01-13T00:00:00", "db": "BID", "id": "71927" }, { "date": "2015-01-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-001030" }, { "date": "2015-01-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201501-249" }, { "date": "2024-11-21T02:22:09.790000", "db": "NVD", "id": "CVE-2015-0001" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "71927" }, { "db": "CNNVD", "id": "CNNVD-201501-249" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Microsoft Windows Product Windows Error Reporting In the component Protected Process Light Vulnerabilities that circumvent protection mechanisms", "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-001030" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control", "sources": [ { "db": "CNNVD", "id": "CNNVD-201501-249" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.