CVE-2015-0058
Microsoft Windows win32k.sys Dangling Pointer Privilege Escalation Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted application, aka "Windows Cursor Object Double Free Vulnerability."
Vulnerabilidad de doble liberación en win32k.sys en los controladores del modo de kernel en Microsoft Windows 8.1, Windows Server 2012 R2, y Windows RT 8.1 permite a usuarios locales ganar privilegios a través de una aplicación manipulada, también conocido como 'vulnerabilidad de la doble liberación del objeto del cursor de Windows.'
This vulnerability allows for elevation of privilege on vulnerable installations of Microsoft Windows. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
The specific flaw exists within the usage of Cursor objects. The issue lies in the failure to properly handle error conditions leading to a pointer not being reset. An attacker can leverage this vulnerability to raise privileges and execute code under the context of SYSTEM.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-11-18 CVE Reserved
- 2015-02-10 CVE Published
- 2015-05-25 First Exploit
- 2024-08-06 CVE Updated
- 2024-09-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-415: Double Free
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/72468 | Third Party Advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/100432 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/37098 | 2015-05-25 |
URL | Date | SRC |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-010 | 2019-05-14 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | Windows 8.1 Search vendor "Microsoft" for product "Windows 8.1" | - | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Rt 8.1 Search vendor "Microsoft" for product "Windows Rt 8.1" | - | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2012 Search vendor "Microsoft" for product "Windows Server 2012" | r2 Search vendor "Microsoft" for product "Windows Server 2012" and version "r2" | - |
Affected
|