CVSS: 2.1EPSS: 0%CPEs: 12EXPL: 0CVE-2015-0077 – Microsoft Windows NtUserfnINSTRINGNULL Information Leak Vulnerability
https://notcve.org/view.php?id=CVE-2015-0077
The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize function buffers, which allows local users to obtain sensitive information from kernel memory, and possibly bypass the ASLR protection mechanism, via a crafted application, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability." Los controladores del modo de kernel en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 no inicializan correctamente los buffers de funciones, lo que permite a usuarios locales obtener información sensible de la memoria del kernel, y posiblemente evadir el mecanismo de protección ASLR, a través de una aplicación manipulada, también conocido como 'vulnerabilidad de la divulgación de información de la memoria del kernel de Microsoft Windows.' This vulnerability allows local attackers to leak sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of NtUserfnINSTRINGNULL function. The issue lies in the failure to sanitize a buffer before calling a userland function resulting in the leak of a kernel address. • http://www.securityfocus.com/bid/72897 http://www.securitytracker.com/id/1031897 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-023 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 96%CPEs: 12EXPL: 0CVE-2015-1637
https://notcve.org/view.php?id=CVE-2015-1637
Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1067. Schannel (también conocido como Secure Channel) en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2 y Windows RT Gold y 8.1 no restringe adecuadamente transiciones de estado TLS, lo que facilita a atacantes remotos llevar a cabo ataques de cifrado rebajado para cifrados EXPORT_RSA a través de tráfico TLS manipulado, relacionado con el problema "FREAK", una vulnerabilidad diferente a CVE-2015-0204 y CVE-2015-1067. • http://web.archive.org/web/20150321220028/https://freakattack.com http://www.securityfocus.com/bid/72965 http://www.securitytracker.com/id/1031833 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-031 https://freakattack.com https://technet.microsoft.com/library/security/3046015 • CWE-310: Cryptographic Issues •
CVSS: 4.7EPSS: 0%CPEs: 12EXPL: 1CVE-2015-0060 – Microsoft Windows - Local Privilege Escalation (MS15-010)
https://notcve.org/view.php?id=CVE-2015-0060
The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly scale fonts, which allows local users to cause a denial of service (system hang) via a crafted application, aka "Windows Font Driver Denial of Service Vulnerability." El mapeador de fuentes en win32k.sys en los controladores del modo de kernel en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 no escala correctamente las fuentes, lo que permite a usuarios locales causar una denegación de servicio (cuelgue de sistema) a través de una aplicación manipulada, también conocido como 'vulnerabilidad de la denegación de servicio de los controladores de fuentes de Windows.' • https://www.exploit-db.com/exploits/37098 http://www.securityfocus.com/bid/72472 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-010 https://exchange.xforce.ibmcloud.com/vulnerabilities/100434 • CWE-19: Data Processing Errors •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2015-0062 – Microsoft Windows CreateProcessAsUser Impersonation Token Bypass
https://notcve.org/view.php?id=CVE-2015-0062
Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges via a crafted application that leverages incorrect impersonation handling in a process that uses the SeAssignPrimaryTokenPrivilege privilege, aka "Windows Create Process Elevation of Privilege Vulnerability." Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 permiten a usuarios locales ganar privilegios a través de una aplicación manipulada que aprovecha el manejo incorrecto de la suplantación en un proceso que utiliza el privilegio SeAssignPrimaryTokenPrivilege, también conocido como 'vulnerabilidad de la elevación de privilegios del proceso de creación de Windows.' Microsoft Windows suffered from a CreateProcessAsUser impersonation token bypass vulnerability. • http://secunia.com/advisories/62840 http://www.securityfocus.com/bid/72458 http://www.securitytracker.com/id/1031724 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-015 https://exchange.xforce.ibmcloud.com/vulnerabilities/100437 https://exchange.xforce.ibmcloud.com/vulnerabilities/100438 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 8%CPEs: 19EXPL: 0CVE-2015-0071 – Microsoft Internet Explorer ASLR Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2015-0071
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability." Microsoft Internet Explorer 9 hasta 11 permite a atacantes remotos evadir el mecanismo de protección ASLR a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la evasión de ASRL de Internet Explorer.' Microsoft Internet Explorer allows remote attackers to bypass the address space layout randomization (ASLR) protection mechanism via a crafted web site. • http://www.securityfocus.com/bid/72455 http://www.securitytracker.com/id/1031723 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009 •