Multiple vulnerabilities in Microsoft Windows
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2015-1701 CVE-2015-1680 CVE-2015-1679 CVE-2015-1678 CVE-2015-1677 CVE-2015-1676 |
| CWE-ID | CWE-264 CWE-401 |
| Exploitation vector | Network |
| Public exploit |
Vulnerability #1 is being exploited in the wild. Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #3 is available. Public exploit code for vulnerability #4 is available. Public exploit code for vulnerability #5 is available. Public exploit code for vulnerability #6 is available. |
| Vulnerable software Subscribe |
Windows Operating systems & Components / Operating system Windows Server Operating systems & Components / Operating system |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Privilege escalation
EUVDB-ID: #VU5553
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2015-1701
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to improper access control. A local attacker can create a specially crafted application, execute a callback in userspace and use data from the System token to execute arbitrary code on the system with root privileges.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
Note: the vulnerability was being actively exploited.Mitigation
Install update from vendor's website.
Windows: 7 - Vista
Windows Server: 2008
CPE2.3 External links
http://technet.microsoft.com/en-us/library/security/ms15-051
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
2) Information disclosure
EUVDB-ID: #VU5552
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2015-1680
CWE-ID:
CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')
Exploit availability: Yes
DescriptionThe vulnerabiity allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to private address information leaking during a function call. A remote attacker can bypass the ASLR protection mechanism, gain access to sensitive information and use it to launch further attacks against the affected system.
Successful exploitation of this vulnerability results in information disclosure on the vulnerable system.
Install update from vendor's website.
Windows: 7 - Vista
Windows Server: 2003 - 2012 R2
CPE2.3 External links
http://technet.microsoft.com/en-us/library/security/ms15-051
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
3) Information disclosure
EUVDB-ID: #VU5551
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2015-1679
CWE-ID:
CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')
Exploit availability: Yes
DescriptionThe vulnerabiity allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to private address information leaking during a function call. A remote attacker can bypass the ASLR protection mechanism, gain access to sensitive information and use it to launch further attacks against the affected system.
Successful exploitation of this vulnerability results in information disclosure on the vulnerable system.
Install update from vendor's website.
Windows: 7 - Vista
Windows Server: 2003 - 2012 R2
CPE2.3 External links
http://technet.microsoft.com/en-us/library/security/ms15-051
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
4) Information disclosure
EUVDB-ID: #VU5550
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2015-1678
CWE-ID:
CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')
Exploit availability: Yes
DescriptionThe vulnerabiity allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to private address information leaking during a function call. A remote attacker can bypass the ASLR protection mechanism, gain access to sensitive information and use it to launch further attacks against the affected system.
Successful exploitation of this vulnerability results in information disclosure on the vulnerable system.
Install update from vendor's website.
Windows: 7 - Vista
Windows Server: 2003 - 2012 R2
CPE2.3 External links
http://technet.microsoft.com/en-us/library/security/ms15-051
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
5) Information disclosure
EUVDB-ID: #VU5549
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2015-1677
CWE-ID:
CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')
Exploit availability: Yes
DescriptionThe vulnerabiity allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to private address information leaking during a function call. A remote attacker can bypass the ASLR protection mechanism, gain access to sensitive information and use it to launch further attacks against the affected system.
Successful exploitation of this vulnerability results in information disclosure on the vulnerable system.
Install update from vendor's website.
Windows: 7 - Vista
Windows Server: 2003 - 2012 R2
CPE2.3 External links
http://technet.microsoft.com/en-us/library/security/ms15-051
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
6) Information disclosure
EUVDB-ID: #VU5548
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2015-1676
CWE-ID:
CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')
Exploit availability: Yes
DescriptionThe vulnerabiity allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to private address information leaking during a function call. A remote attacker can bypass the ASLR protection mechanism, gain access to sensitive information and use it to launch further attacks against the affected system.
Successful exploitation of this vulnerability results in information disclosure on the vulnerable system.
Install update from vendor's website.
Windows: 7 - Vista
Windows Server: 2003 - 2012 R2
CPE2.3 External links
http://technet.microsoft.com/en-us/library/security/ms15-051
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
