Main
Vulnerability Database
Exploits
ID:1608 - Exploit for Security bypass in Windows and Windows Server - CVE-2015-2433
ID:1608 - Exploit for Security bypass in Windows and Windows Server - CVE-2015-2433
Published: March 18, 2020
Vulnerability identifier: #VU5668
Vulnerability risk: Low
CVE-ID: CVE-2015-2433
CWE-ID: CWE-200
Exploitation vector: Local access
Vulnerable software:
Windows
Windows Server
Windows
Windows Server
Link to public exploit:
Vulnerability description
The vulnerabiity allows a local attacker to bypass security restrictions on the target system.
The weakness exists due to improper initialization of a memory address by Windows kernel. A local attacker can create a specially crafted application, execute it on the system, bypass Kernel Address Space Layout Randomization (KASLR) and obtain arbitrary information.
Successful exploitation of this vulnerability results in disclosure of sensitive information.
The weakness exists due to improper initialization of a memory address by Windows kernel. A local attacker can create a specially crafted application, execute it on the system, bypass Kernel Address Space Layout Randomization (KASLR) and obtain arbitrary information.
Successful exploitation of this vulnerability results in disclosure of sensitive information.
Remediation
Install update from vendor's website.