Detect date
?
|
12/08/2015 |
Severity
?
|
Critical |
Description
|
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service or gain privileges. Below is a complete list of vulnerabilities
Technical details Vulnerability (1) is relevant for Windows servers configured as DNS servers. Exploitation of this vulnerability can lead to arbitrary code execution in the context of Local System Account. Vulnerability (3) caused by improper input validation before libraries loading. Vulnerability (4) related to situation when attacker-induced race condition results in references to memory contents that have already been freed. This vulnerability id relevant only for systems with installed Microsoft Message Queuing and specifically enabled PGM which isn’t default configuration. |
Affected products
|
Microsoft Windows Vista Service Pack 2 |
Solution
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
Original advisories
|
CVE-2015-6127 |
Impacts
?
|
ACE [?] OSI [?] DoS [?] PE [?] |
Related products
|
Microsoft Windows Vista Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Server 2008 Windows RT Microsoft Windows 10 Microsoft Windows Media Center |
CVE-IDS
?
|
CVE-2015-61274.3Warning
CVE-2015-61319.3Critical CVE-2015-61309.3Critical CVE-2015-61337.2High CVE-2015-61327.2High CVE-2015-61267.2High CVE-2015-61259.3Critical CVE-2015-61757.2High CVE-2015-61747.2High CVE-2015-61287.2High CVE-2015-61717.2High CVE-2015-61737.2High |
Microsoft official advisories
|
Microsoft Security Update Guide |
KB list
|
3108347 |
Exploitation
|
The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/38912 https://www.exploit-db.com/exploits/38911 https://www.exploit-db.com/exploits/38968 https://www.exploit-db.com/exploits/38918 Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details. |
Find out the statistics of the vulnerabilities spreading in your region |