CVSS: 9.3EPSS: 74%CPEs: 6EXPL: 0CVE-2015-1645
https://notcve.org/view.php?id=CVE-2015-1645
Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to execute arbitrary code via a crafted Enhanced Metafile (EMF) image, aka "EMF Processing Remote Code Execution Vulnerability." Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, y Windows 7 SP1 permiten a atacantes remotos ejecutar código arbitrario a través de una imagen Enhanced Metafile (EMF) manipulada, también conocido como 'vulnerabilidad de la ejecución de código remotos en el procesamiento de EMF.' • http://packetstormsecurity.com/files/131457/Microsoft-Windows-GDI-MRSETDIBITSTODEVICE-bPlay-EMF-Parsing-Memory-Corruption.html http://www.securityfocus.com/archive/1/535272/100/0/threaded http://www.securitytracker.com/id/1032110 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-035 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 47%CPEs: 12EXPL: 0CVE-2015-0092 – Microsoft Windows Type 1 Font callother Opcode Heap Buffer Underflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0092
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, and CVE-2015-0093. Adobe Font Driver en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 permite a atacantes remotos ejecutar código arbitrario a través de un (1) sitio web o (2) fichero manipulado, también conocido como 'vulnerabilidad de la ejecución de código remoto de Adobe Font Driver,' una vulnerabilidad diferente a CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, y CVE-2015-0093. This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of certain Type 1 fonts. By providing a crafted font, an attacker can cause a negative offset to be used when calculating a heap buffer address. • http://www.securityfocus.com/bid/72906 http://www.securitytracker.com/id/1031889 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-021 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0CVE-2015-0073
https://notcve.org/view.php?id=CVE-2015-0073
The Windows Registry Virtualization feature in the kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict changes to virtual stores, which allows local users to gain privileges via a crafted application, aka "Registry Virtualization Elevation of Privilege Vulnerability." La característica Windows Registry Virtualization en el kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 no restringe correctamente los cambios a almacenes virtuales, lo que permite a usuarios locales ganar privilegios a través de una aplicación manipulada, también conocido como 'vulnerabilidad de la elevación de privilegios de la virtualización de registros.' • http://www.securityfocus.com/bid/72908 http://www.securitytracker.com/id/1031899 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-025 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 16%CPEs: 12EXPL: 0CVE-2015-0093
https://notcve.org/view.php?id=CVE-2015-0093
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, and CVE-2015-0092. Adobe Font Driver en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 permite a atacantes remotos ejecutar código arbitrario a través de un (1) sitio web o (2) ficheros manipulado, también conocido como 'vulnerabilidad de la ejecución de código remoto de Adobe Font Driver,' una vulnerabilidad diferente a CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, y CVE-2015-0092. • http://www.securityfocus.com/bid/72907 http://www.securitytracker.com/id/1031889 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-021 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 2CVE-2015-0005
https://notcve.org/view.php?id=CVE-2015-0005
The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, aka "NETLOGON Spoofing Vulnerability." El servicio NETLOGON en Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 y R2 SP1, y Windows Server 2012 Gold y R2, cuando un controlador de dominios está configurado, permite a atacantes remotos falsificar el nombre del ordenador del endpoint de un canal seguro, y obtener información sensible, mediante el funcionamiento de una aplicación manipulada y el aprovechamiento de la capacidad de capturar trafico de la red, también conocido como 'vulnerabilidad de falsificación de NETLOGON.' • http://packetstormsecurity.com/files/130773/Windows-Pass-Through-Authentication-Methods-Improper-Validation.html http://seclists.org/fulldisclosure/2015/Mar/60 http://www.coresecurity.com/advisories/windows-pass-through-authentication-methods-improper-validation http://www.securitytracker.com/id/1031891 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-027 https://www.samba.org/samba/history/samba-4.2.10.html • CWE-254: 7PK - Security Features •