4.6

CVE-2015-1674

Exploit
The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate an unspecified address, which allows local users to bypass the KASLR protection mechanism, and consequently discover the cng.sys base address, via a crafted application, aka "Windows Kernel Security Feature Bypass Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftWindows 8 Version-
MicrosoftWindows 8.1 Version-
MicrosoftWindows Rt Version-
MicrosoftWindows Rt 8.1 Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.33% 0.871
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/bid/74488
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1032292
Third Party Advisory
VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-052
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/37052/
Third Party Advisory
Exploit
VDB Entry