Beschreibung
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service or gain privileges.
Below is a complete list of vulnerabilities
- Improper requests parsing at Windows Domain Name System (DNS) can be exploited remotely via a specially designed DNS requests to execute arbitrary code;
- Improper fonts parsing at Uniscribe can be exploited remotely via a specially designed content to execute arbitrary code;
- Improper input validation can be exploited locally via a specially designed application to execute arbitrary code;
- Race condition at Windows Pragmatic General Multicast (PGM) protocol can be exploited by logged in attacker via a specially designed application to gain privileges;
- Improper memory handling at Windows kernel can be exploited by logged in user to gain privileges.
- Unspecified vulnerabilities in Windows Media Center
Technical details
Vulnerability (1) is relevant for Windows servers configured as DNS servers. Exploitation of this vulnerability can lead to arbitrary code execution in the context of Local System Account.
Vulnerability (3) caused by improper input validation before libraries loading.
Vulnerability (4) related to situation when attacker-induced race condition results in references to memory contents that have already been freed. This vulnerability id relevant only for systems with installed Microsoft Message Queuing and specifically enabled PGM which isn’t default configuration.
Ursprüngliche Informationshinweise
- CVE-2015-6131
- CVE-2015-6130
- CVE-2015-6133
- CVE-2015-6132
- CVE-2015-6126
- CVE-2015-6125
- CVE-2015-6175
- CVE-2015-6174
- CVE-2015-6128
- CVE-2015-6171
- CVE-2015-6173
CVE Liste
- CVE-2015-6127 critical
- CVE-2015-6131 critical
- CVE-2015-6130 critical
- CVE-2015-6133 critical
- CVE-2015-6132 critical
- CVE-2015-6126 critical
- CVE-2015-6125 critical
- CVE-2015-6175 critical
- CVE-2015-6174 critical
- CVE-2015-6128 critical
- CVE-2015-6171 critical
- CVE-2015-6173 critical
KB Liste
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com