CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 2CVE-2015-7865 – Nvidia Stereoscopic 3D Driver Service 7.17.13.5382 - Arbitrary Run Key Creation
https://notcve.org/view.php?id=CVE-2015-7865
nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a commandline in a number 2 command, which is stored in the HKEY_LOCAL_MACHINE explorer Run registry key, a different vulnerability than CVE-2011-4784. nvSCPAPISvr.exe en el Stereoscopic 3D Driver Service en el controlador de gráficos NVIDIA GPU R340 en versiones anteriores a 341.92, R352 en versiones anteriores a 354.35 y R358 en versiones anteriores a 358.87 en Windows no restringe adecuadamente el acceso a la tubería llamada stereosvrpipe, lo que permite a usuarios locales obtener privilegios a través de una línea de comandos en un comando número 2, que se almacena enla clave de registro HKEY_LOCAL_MACHINE explorer Run, una vulnerabilidad diferente a CVE-2011-4784. • https://www.exploit-db.com/exploits/38792 http://nvidia.custhelp.com/app/answers/detail/a_id/3807/kw/security http://packetstormsecurity.com/files/134520/NVIDIA-Stereoscopic-3D-Driver-Service-Arbitrary-Run-Key-Creation.html http://www.securitytracker.com/id/1034173 https://code.google.com/p/google-security-research/issues/detail? • CWE-284: Improper Access Control •
CVSS: 2.1EPSS: 73%CPEs: 13EXPL: 1CVE-2015-6102 – Microsoft Windows - Cursor Object Memory Leak (MS15-115)
https://notcve.org/view.php?id=CVE-2015-6102
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Windows Kernel Memory Information Disclosure Vulnerability." El kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT Gold y 8.1 y Windows 10 Gold y 1511 permite a usuarios locales eludir el mecanismo de protección KASLR, y como consecuencia descubrir una dirección base de driver, a través de una aplicación manipulada, también conocida como 'Windows Kernel Memory Information Disclosure Vulnerability'. • https://www.exploit-db.com/exploits/38794 http://packetstormsecurity.com/files/134519/Microsoft-Windows-Cursor-Object-Potential-Memory-Leak.html http://www.securitytracker.com/id/1034114 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-115 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 15%CPEs: 13EXPL: 2CVE-2015-6103 – Microsoft Windows Kernel - 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
https://notcve.org/view.php?id=CVE-2015-6103
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Windows Graphics Memory Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-6104. Adobe Type Manager Library en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT Gold y 8.1 y Windows 10 Gold y 1511 permite a atacantes remotos ejecutar código arbitrario a través de una fuente embebida manipulada, también conocida como 'Windows Graphics Memory Remote Code Execution Vulnerability', una vulnerabilidad diferente a CVE-2015-6104. A number of Windows kernel crashes in the win32k.sys driver exist while processing a specific corrupted TTF font file. • https://www.exploit-db.com/exploits/38714 http://packetstormsecurity.com/files/134397/Microsoft-Windows-Kernel-Win32k.sys-TTF-Font-Processing-Buffer-Overflow.html http://www.securitytracker.com/id/1034114 https://code.google.com/p/google-security-research/issues/detail? • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 15%CPEs: 13EXPL: 2CVE-2015-6104 – Microsoft Windows Kernel - 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
https://notcve.org/view.php?id=CVE-2015-6104
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Windows Graphics Memory Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-6103. Adobe Type Manager Library en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT Gold y 8.1 y Windows 10 Gold y 1511 permite a atacantes remotos ejecutar código arbitrario a través de una fuente embebida manipulada, también conocida como 'Windows Graphics Memory Remote Code Execution Vulnerability', una vulnerabilidad diferente a CVE-2015-6103. A number of Windows kernel crashes in the win32k.sys driver exist while processing a specific corrupted TTF font file. • https://www.exploit-db.com/exploits/38713 http://packetstormsecurity.com/files/134398/Microsoft-Windows-Kernel-Win32k.sys-TTF-Font-Processing-Buffer-Overflow.html http://www.securitytracker.com/id/1034114 https://code.google.com/p/google-security-research/issues/detail? • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 69%CPEs: 4EXPL: 1CVE-2015-6098 – Microsoft Windows - 'ndis.sys' IOCTL 0x170034 (ndis!
https://notcve.org/view.php?id=CVE-2015-6098
Buffer overflow in the Network Driver Interface Standard (NDIS) implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows NDIS Elevation of Privilege Vulnerability." Desbordamiento de buffer en la implementación de Network Driver Interface Standard (NDIS) en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1 y Windows 7 SP1 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, también conocida como 'Windows NDIS Elevation of Privilege Vulnerability'. The attached testcase crashes Windows 7 32-bit due to a pool buffer overflow in an ioctl handler. • https://www.exploit-db.com/exploits/38793 http://packetstormsecurity.com/files/134521/Microsoft-Windows-Ndis.sys-Buffer-Overflow.html http://www.securitytracker.com/id/1034115 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-117 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •