Main Vulnerability Database Vulnerabilities #VU5576

Security bypass in Windows and Windows Server - CVE-2015-2529

Published: February 1, 2017 / Updated: February 21, 2017

Vulnerability identifier: #VU5576

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2015-2529

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Microsoft

Affected software:
Windows
Windows Server

Detailed vulnerability description

The vulnerability allows a local attacker to bypass security restrictions on the target system.

The weakness exists due to improper initialization of a memory address in the Windows kernel. A local attacker can execute a specially crafted program, bypass Kernel Address Space Layout Randomization (KASLR) and obtain the base address of the kernel driver.

Successful exploitation of the vulnerability may result in information disclosure on the vulnerable system.

How to mitigate CVE-2015-2529

Install update from vendor's website.

Sources

https://technet.microsoft.com/en-us/library/security/ms15-097

Security bypass in Windows and Windows Server - CVE-2015-2529

Detailed vulnerability description

How to mitigate CVE-2015-2529

Sources

Please verify you're human