Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2015-2554

Published: 14/10/2015 Updated: 15/05/2019
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 725
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Windows Server 2012

Vulnerability Summary

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Windows Object Reference Elevation of Privilege Vulnerability."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2012 r2

microsoft windows 8 -

microsoft windows server 2008 r2

microsoft windows 7 -

microsoft windows server 2008 -

microsoft windows vista -

microsoft windows 10 -

microsoft windows rt -

microsoft windows rt 8.1 -

microsoft windows server 2012 -

microsoft windows 8.1 -

Exploits

Exploit DB: Microsoft Windows - NtCreateLowBoxToken Handle Capture Local Denial of Service / Privilege Escalation (MS15-111)
Source: codegooglecom/p/google-security-research/issues/detail?id=483 Windows: NtCreateLowBoxToken Handle Capture Local DoS/Elevation of Privilege Platform: Windows 81 Update, Windows 10, Windows Server 2012 Class: Local Dos/Elevation of Privilege Summary: The NtCreateLowBoxToken API allows the capture of arbitrary handles which can le ...

References

CWE-264http://www.securityfocus.com/bid/76998http://www.securitytracker.com/id/1033805https://www.exploit-db.com/exploits/38580/https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-111https://nvd.nist.govhttps://www.exploit-db.com/exploits/38580/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injectionCVE-2024-35894SQLCVE-2024-5105CVE-2014-100005CVE-2024-35895unauthorizedCVE-2024-22120CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook