Описание
Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code or obtain sensitive information.
Below is a complete list of vulnerabilities
- Incorrect memory initialization can be exploited remotely via an unknown vectors;
- Improper buffer handling can be exploited remotely via an unknown vectors;
- Improper memory handling can be exploited remotely via a specially designed application;
- Improper data validation can be exploited remotely via a specially designed application and other unknown vectors;
- Improper URLs sanitation can be exploited remotely via a specially designed URL;
- Improper user validation can be exploited locally via a DLL hijack.
Первичный источник обнаружения
- Microsoft advisory
Microsoft advisory
Microsoft advisory
Microsoft advisory
CVE-2015-1725
CVE-2015-1724
CVE-2015-1727
CVE-2015-1726
CVE-2015-1723
CVE-2015-1722
CVE-2015-2360
CVE-2015-1768
CVE-2015-1721
CVE-2015-1720
CVE-2015-1758
CVE-2015-1757
CVE-2015-1756
CVE-2015-1719
Эксплуатация
The following public exploits exists for this vulnerability:
https://www.exploit-db.com/exploits/38271
https://www.exploit-db.com/exploits/38270
https://www.exploit-db.com/exploits/38272
https://www.exploit-db.com/exploits/38268
https://www.exploit-db.com/exploits/38269
https://www.exploit-db.com/exploits/38273
https://www.exploit-db.com/exploits/38275
https://www.exploit-db.com/exploits/38265
https://www.exploit-db.com/exploits/38274
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-Windows-Vista-2
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Microsoft-Windows-Server-2003
- Windows-RT
Список CVE
- CVE-2015-1725 high
- CVE-2015-1724 high
- CVE-2015-1727 high
- CVE-2015-1726 high
- CVE-2015-1723 high
- CVE-2015-1722 high
- CVE-2015-2360 high
- CVE-2015-1768 high
- CVE-2015-1721 high
- CVE-2015-1720 high
- CVE-2015-1758 high
- CVE-2015-1757 warning
- CVE-2015-1756 critical
- CVE-2015-1719 warning
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com