CVE-2015-0016

Warning

Exploit

EPSS 91.15%
Published 13.01.2015 22:59:07
Last modified 12.04.2025 10:46:40
Source secure@microsoft.com
Teams watchlist Login
Open Login

Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted pathname in an executable file, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Directory Traversal Elevation of Privilege Vulnerability."

Affected products Warnungen 1 Metrics 4 CWE 1 References 12

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 7 Version- Updatesp1

Microsoft ≫ Windows 8 Version-

Microsoft ≫ Windows 8.1 Version-

Microsoft ≫ Windows Rt Version- Updategold

Microsoft ≫ Windows Rt 8.1 Version-

Microsoft ≫ Windows Server 2008 Versionr2 Updatesp1

Microsoft ≫ Windows Server 2012 Version- Updategold

Microsoft ≫ Windows Server 2012 Versionr2 HwPlatformx64

Microsoft ≫ Windows Vista Version- Updatesp2

25.05.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Windows TS WebProxy Directory Traversal Vulnerability

Vulnerability

Directory traversal vulnerability in the TS WebProxy (TSWbPrxy) component in Microsoft Windows allows remote attackers to escalate privileges.

Description

Apply updates per vendor instructions.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	91.15%	0.996

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2015-0016-escaping-the-internet-explorer-sandbox/

Exploit

http://packetstormsecurity.com/files/130201/MS15-004-Microsoft-Remote-Desktop-Services-Web-Proxy-IE-Sandbox-Escape.html

Third Party Advisory

Exploit

VDB Entry

http://secunia.com/advisories/62076

Broken Link

http://www.exploit-db.com/exploits/35983

Third Party Advisory

Exploit

VDB Entry