SB2015090802 - Multiple vulnerabilities in Microsoft Windows
Published: September 8, 2015 Updated: March 7, 2017
Description
This security bulletin contains information about 11 security vulnerabilities.
1) Memory corruption (CVE-ID: CVE-2015-2546)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to a boundary error in ATMFD.dll in Win32k.sys. A local attacker can execute a specially crafted program, trigger memory corruption and gain SYSTEM privileges.
Successful exploitation of the vulnerability may result in full control of the vulnerable system.
Note: the vulnerability was being actively exploited.
2) Security bypass (CVE-ID: CVE-2015-2529)
The vulnerability allows a local attacker to bypass security restrictions on the target system.
The weakness exists due to improper initialization of a memory address in the Windows kernel. A local attacker can execute a specially crafted program, bypass Kernel Address Space Layout Randomization (KASLR) and obtain the base address of the kernel driver.
Successful exploitation of the vulnerability may result in information disclosure on the vulnerable system.
3) Memory corruption (CVE-ID: CVE-2015-2527)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to improper validation and enforcement of integrity levels by Win32k.sys. A local attacker can execute a specially crafted program and gain SYSTEM privileges.
Successful exploitation of the vulnerability may result in full control of the vulnerable system.
4) Memory corruption (CVE-ID: CVE-2015-2518)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to a boundary error in ATMFD.dll in Win32k.sys. A local attacker can execute a specially crafted program, trigger memory corruption and gain SYSTEM privileges.
Successful exploitation of the vulnerability may result in full control of the vulnerable system.
5) Memory corruption (CVE-ID: CVE-2015-2517)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to a boundary error in ATMFD.dll in Win32k.sys. A local attacker can execute a specially crafted program, trigger memory corruption and gain SYSTEM privileges.
Successful exploitation of the vulnerability may result in full control of the vulnerable system.
6) Memory corruption (CVE-ID: CVE-2015-2512)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to a boundary error in ATMFD.dll in Win32k.sys. A local attacker can execute a specially crafted program, trigger memory corruption and gain SYSTEM privileges.
Successful exploitation of the vulnerability may result in full control of the vulnerable system.
7) Memory corruption (CVE-ID: CVE-2015-2511)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to a boundary error in ATMFD.dll in Win32k.sys. A local attacker can execute a specially crafted program, trigger memory corruption and gain SYSTEM privileges.
Successful exploitation of the vulnerability may result in full control of the vulnerable system.
8) Buffer overflow (CVE-ID: CVE-2015-2510)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a buffer overflow when handling OpenType fonts (OTF) in the Adobe Type Manager Library. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with the privileges of the current user.
Successful exploitation of the vulnerability may result in full control of the vulnerable system.
9) Memory corruption (CVE-ID: CVE-2015-2508)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to a boundary error in the Adobe Type Manager Library. A local attacker can execute a specially crafted program, trigger memory corruption and gain SYSTEM privileges.
Successful exploitation of the vulnerability may result in full control of the vulnerable system.
10) Memory corruption (CVE-ID: CVE-2015-2507)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to a boundary error in the Adobe Type Manager Library. A local attacker can execute a specially crafted program, trigger memory corruption and gain SYSTEM privileges.
Successful exploitation of the vulnerability may result in full control of the vulnerable system.
11) Privilege escalation (CVE-ID: CVE-2015-2506)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to improper handling of OpenType fonts (OTF) in the Adobe Type Manager Library. A local attacker can execute a specially crafted program and gain SYSTEM privileges.
Successful exploitation of the vulnerability may result in full control of the vulnerable system.
Remediation
Install the update from the vendor's website.