Multiple vulnerabilities in Microsoft Windows

Описание

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service or gain privileges.

Below is a complete list of vulnerabilities

1. Improper requests parsing at Windows Domain Name System (DNS) can be exploited remotely via a specially designed DNS requests to execute arbitrary code;
2. Improper fonts parsing at Uniscribe can be exploited remotely via a specially designed content to execute arbitrary code;
3. Improper input validation can be exploited locally via a specially designed application to execute arbitrary code;
4. Race condition at Windows Pragmatic General Multicast (PGM) protocol can be exploited by logged in attacker via a specially designed application to gain privileges;
5. Improper memory handling at Windows kernel can be exploited by logged in user to gain privileges.
6. Unspecified vulnerabilities in Windows Media Center

---

Technical details

Vulnerability (1) is relevant for Windows servers configured as DNS servers. Exploitation of this vulnerability can lead to arbitrary code execution in the context of Local System Account.

Vulnerability (3) caused by improper input validation before libraries loading.

Vulnerability (4) related to situation when attacker-induced race condition results in references to memory contents that have already been freed. This vulnerability id relevant only for systems with installed Microsoft Message Queuing and specifically enabled PGM which isn’t default configuration.

Первичный источник обнаружения

• CVE-2015-6127
  CVE-2015-6131
  CVE-2015-6130
  CVE-2015-6133
  CVE-2015-6132
  CVE-2015-6126
  CVE-2015-6125
  CVE-2015-6175
  CVE-2015-6174
  CVE-2015-6128
  CVE-2015-6171
  CVE-2015-6173
  

Эксплуатация

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/38912

https://www.exploit-db.com/exploits/38911

https://www.exploit-db.com/exploits/38968

https://www.exploit-db.com/exploits/38918

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows-Vista-2
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Windows-RT
• Microsoft-Windows-10
• Microsoft-Windows-Media-Center

Список CVE

• CVE-2015-6127
  warning
• CVE-2015-6131
  critical
• CVE-2015-6130
  critical
• CVE-2015-6133
  high
• CVE-2015-6132
  high
• CVE-2015-6126
  high
• CVE-2015-6125
  critical
• CVE-2015-6175
  high
• CVE-2015-6174
  high
• CVE-2015-6128
  high
• CVE-2015-6171
  high
• CVE-2015-6173
  high

Список KB

• 3108347
• 3109094
• 3109103
• 3116130
• 3108381
• 3108371
• 3116162
• 3100465
• 3116900
• 3116869
• 3119075
• 3108670
• 3108669

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com