SB2015051202 - Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2015051202

SB2015051202 - Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege

Published: May 12, 2015

Security Bulletin ID SB2015051202
Severity
Medium
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 17% Low 83%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2015-1676)

The vulnerabiity allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to private address information leaking during a function call. A remote attacker can bypass the ASLR protection mechanism, gain access to sensitive information and use it to launch further attacks against the affected system.

Successful exploitation of this vulnerability results in information disclosure on the vulnerable system.

2) Information disclosure (CVE-ID: CVE-2015-1677)

The vulnerabiity allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to private address information leaking during a function call. A remote attacker can bypass the ASLR protection mechanism, gain access to sensitive information and use it to launch further attacks against the affected system.

Successful exploitation of this vulnerability results in information disclosure on the vulnerable system.

3) Information disclosure (CVE-ID: CVE-2015-1678)

The vulnerabiity allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to private address information leaking during a function call. A remote attacker can bypass the ASLR protection mechanism, gain access to sensitive information and use it to launch further attacks against the affected system.

Successful exploitation of this vulnerability results in information disclosure on the vulnerable system.

4) Information disclosure (CVE-ID: CVE-2015-1679)

The vulnerabiity allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to private address information leaking during a function call. A remote attacker can bypass the ASLR protection mechanism, gain access to sensitive information and use it to launch further attacks against the affected system.

Successful exploitation of this vulnerability results in information disclosure on the vulnerable system.

5) Information disclosure (CVE-ID: CVE-2015-1680)

The vulnerabiity allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to private address information leaking during a function call. A remote attacker can bypass the ASLR protection mechanism, gain access to sensitive information and use it to launch further attacks against the affected system.

Successful exploitation of this vulnerability results in information disclosure on the vulnerable system.

6) Privilege escalation (CVE-ID: CVE-2015-1701)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to improper access control. A local attacker can create a specially crafted application, execute a callback in userspace and use data from the System token to execute arbitrary code on the system with root privileges.

Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

Remediation

Install update from vendor's website.

References