admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-16xx/CVE-2015-1674.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

133 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-1674",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-05-13T10:59:06.973",
"lastModified": "2019-05-14T20:30:42.203",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate an unspecified address, which allows local users to bypass the KASLR protection mechanism, and consequently discover the cng.sys base address, via a crafted application, aka \"Windows Kernel Security Feature Bypass Vulnerability.\""
},
{
"lang": "es",
"value": "El kernel en Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 no valida correctamente una direcci\u00f3n no especificada, lo que permite a usuarios locales evadir el mecanismo de protecci\u00f3n KASLR, y como consecuencia descubrir la direcci\u00f3n de la base cng.sys, a trav\u00e9s de una aplicaci\u00f3n manipulada, tambi\u00e9n conocido como 'vulnerabilidad de la evasi\u00f3n de la caracter\u00edstica de seguridad del kernel de Windows.'"
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-254"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC7A32C-4A4A-4533-B42E-350E728ADFEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/74488",
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1032292",
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-052",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/37052/",
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink