CVE-2015-1674
The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate an unspecified address, which allows local users to bypass the KASLR protection mechanism, and consequently discover the cng.sys base address, via a crafted application, aka "Windows Kernel Security Feature Bypass Vulnerability."
Published
2015-05-13T10:59:06.973
Last Modified
2025-04-12T10:46:40.837
Status
Deferred
Source
[email protected]
Severity
CVSSv2: 4.6 (MEDIUM)
CVSSv2 Vector
AV:L/AC:L/Au:N/C:P/I:P/A:P
- Access Vector: LOCAL
- Access Complexity: LOW
- Authentication: NONE
- Confidentiality Impact: PARTIAL
- Integrity Impact: PARTIAL
- Availability Impact: PARTIAL
Exploitability Score
3.9
Impact Score
6.4
Weaknesses
Affected Vendors & Products
References
-
http://www.securityfocus.com/bid/74488
Third Party Advisory, VDB Entry
([email protected])
-
http://www.securitytracker.com/id/1032292
Third Party Advisory, VDB Entry
([email protected])
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-052
Patch, Vendor Advisory
([email protected])
-
https://www.exploit-db.com/exploits/37052/
Exploit, Third Party Advisory, VDB Entry
([email protected])
-
http://www.securityfocus.com/bid/74488
Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
http://www.securitytracker.com/id/1032292
Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-052
Patch, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://www.exploit-db.com/exploits/37052/
Exploit, Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)