CVSS: 6.9EPSS: 1%CPEs: 12EXPL: 1CVE-2015-0003 – Microsoft Windows WM_SYSTIMER Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2015-0003
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." win32k.sys en los controladores del modo kernel en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 permite a usuarios locales ganar privilegios o causar una denegación de servicio (referencia a puntero nulo) a través de un aplicación manipulada, también conocido como 'vulnerabilidad de la elevación de privilegios de Win32k.' This vulnerability allows local attackers to elevate to System privileges on vulnerable installations of Microsoft Windows. This vulnerability requires the ability to run arbitrary unprivileged code. The specific flaw exists within the handling of the WM_SYSTIMER message. By malforming the window handle in the message, an attacker is able to cause the kernel to write to a controlled address. An attacker could leverage this to execute arbitrary code in the context of the System. • https://www.exploit-db.com/exploits/37098 http://www.securityfocus.com/bid/72457 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-010 https://exchange.xforce.ibmcloud.com/vulnerabilities/100430 • CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 2CVE-2015-0004 – Microsoft Windows < 8.1 (x86/x64) - User Profile Service Privilege Escalation (MS15-003)
https://notcve.org/view.php?id=CVE-2015-0004
The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges by conducting a junction attack to load another user's UsrClass.dat registry hive, aka MSRC ID 20674 or "Microsoft User Profile Service Elevation of Privilege Vulnerability." User Profile Service (también conocido como ProfSvc) en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 permite a usuarios locales ganar privilegios mediante la realización de un ataque de cruces para cargar el hive del registro UsrClass.dat de otro usuario, tambieán conocido como MSRC ID 20674 o 'vulnerabilidad de la elevación de privilegios de Microsoft User Profile Service.' Windows suffers from an elevation of privilege vulnerability in the User Profile Service. • https://www.exploit-db.com/exploits/35811 http://secunia.com/advisories/61927 http://www.securityfocus.com/bid/71967 https://code.google.com/p/google-security-research/issues/detail?id=123 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-003 https://exchange.xforce.ibmcloud.com/vulnerabilities/99519 https://exchange.xforce.ibmcloud.com/vulnerabilities/99520 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 92%CPEs: 5EXPL: 0CVE-2015-0015
https://notcve.org/view.php?id=CVE-2015-0015
Microsoft Windows Server 2003 SP2, Server 2008 SP2 and R2 SP1, and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (system hang and RADIUS outage) via crafted username strings to (1) Internet Authentication Service (IAS) or (2) Network Policy Server (NPS), aka "Network Policy Server RADIUS Implementation Denial of Service Vulnerability." Microsoft Windows Server 2003 SP2, Server 2008 SP2 y R2 SP1, y Server 2012 Gold y R2 permiten a atacantes remotos causar una denegación de servicio (cuelgue de sistema y interrupción de RADIUS) a través de cadenas de nombres de usuarios manipuladas en (1) Internet Authentication Service (IAS) o (2) Network Policy Server (NPS), también conocido como 'vulnerabilidad de la denegación de servicio de la implementación RADIUS del servidor de la política de red.' • http://secunia.com/advisories/62148 http://www.securityfocus.com/bid/71933 http://www.securitytracker.com/id/1031532 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-007 • CWE-399: Resource Management Errors •
CVSS: 4.7EPSS: 0%CPEs: 10EXPL: 0CVE-2015-0011
https://notcve.org/view.php?id=CVE-2015-0011
mrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass an impersonation protection mechanism, and obtain privileges for redirection of WebDAV requests, via a crafted application, aka "WebDAV Elevation of Privilege Vulnerability." mrxdav.sys (también conocido como el controlador WebDAV) en los controladores del modo kernel en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 permite a usuarios locales evadir el mecanismo de protección de la suplantación, y obtener privilegios para la redirección de solicitudes WebDAV, a través de una aplicación manipulada, también conocido como 'vulnerabilidad de la elevación de privilegios de WebDAV.' • http://secunia.com/advisories/62154 http://www.securityfocus.com/bid/71960 http://www.securitytracker.com/id/1031531 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-008 https://exchange.xforce.ibmcloud.com/vulnerabilities/99526 https://exchange.xforce.ibmcloud.com/vulnerabilities/99527 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2015-0006
https://notcve.org/view.php?id=CVE-2015-0006
The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka "NLA Security Feature Bypass Vulnerability." El servicio Network Location Awareness (NLA) de Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, y Windows Server 2012 Gold y R2 no realiza autenticación recíproca para determinar un dominio de conexión, lo que permite atacantes remotos lanzar una configuración permisiva no intencionada mediante suplantación de DNS y respuestas LDAP en la red local, también conocido como 'NLA Security Feature Bypass Vulnerability.' • http://secunia.com/advisories/62098 http://secunia.com/advisories/62184 http://www.securityfocus.com/bid/71930 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005 https://exchange.xforce.ibmcloud.com/vulnerabilities/99521 https://exchange.xforce.ibmcloud.com/vulnerabilities/99522 • CWE-264: Permissions, Privileges, and Access Controls •