CVE-2015-0006
https://notcve.org/view.php?id=CVE-2015-0006
The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka "NLA Security Feature Bypass Vulnerability."
• http://secunia.com/advisories/62098 http://secunia.com/advisories/62184 http://www.securityfocus.com/bid/71930 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005 https://exchange.xforce.ibmcloud.com/vulnerabilities/99521 https://exchange.xforce.ibmcloud.com/vulnerabilities/99522
• CWE-264: Permissions, Privileges, and Access Controls
CVE-2015-0014
https://notcve.org/view.php?id=CVE-2015-0014
Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows Telnet Service Buffer Overflow Vulnerability."
• http://secunia.com/advisories/61580 http://www.securityfocus.com/bid/71968 http://www.securitytracker.com/id/1031523 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-002 https://exchange.xforce.ibmcloud.com/vulnerabilities/99517 https://exchange.xforce.ibmcloud.com/vulnerabilities/99518
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-6355
https://notcve.org/view.php?id=CVE-2014-6355
The Graphics Component in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly process JPEG images, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Graphics Component Information Disclosure Vulnerability."
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-085
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2014-6324 – Microsoft Kerberos Key Distribution Center (KDC) Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2014-6324
The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability."
The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges.
• https://www.exploit-db.com/exploits/35474 http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspx http://marc.info/?l=bugtraq&m=142350249315918&w=2 http://secunia.com/advisories/62556 http://www.securityfocus.com/bid/70958 http://www.securitytracker.com/id/1031237 http://www.us-cert.gov/ncas/alerts/TA14-323A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-068 https://labs.mwrinfosecurity.com/blog/2014
• CWE-264: Permissions, Privileges, and Access Controls
CVE-2014-4077 – Microsoft IME Japanese Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2014-4077
Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanese) Elevation of Privilege Vulnerability," as exploited in the wild in 2014.
Microsoft Input Method Editor (IME) Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default (with the default set as disabled). IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE (IME for Japanese) is installed which allows attackers to bypass a sandbox and perform privilege escalation.
• http://blogs.technet.com/b/srd/archive/2014/11/11/assessing-risk-for-the-november-2014-security-updates.aspx http://www.securitytracker.com/id/1031196 http://www.securitytracker.com/id/1031197 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-078