The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Windows Server 2003

computer vulnerability bulletin CVE-2015-1701

Windows: privilege escalation

Synthesis of the vulnerability

A local attacker can use a vulnerability in Windows to escalate privileges.
Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows Vista.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 21/04/2015.
Revision date: 23/06/2015.
Identifiers: CVE-2015-1701, VIGILANCE-VUL-16688.

Description of the vulnerability

A local attacker can use a vulnerability in Windows to escalate privileges.

vulnerability bulletin CVE-2015-1719 CVE-2015-1720 CVE-2015-1721

Microsoft Windows: 11 vulnerabilities of the kernel

Synthesis of the vulnerability

An attacker can use several vulnerabilities of the Microsoft Windows kernel.
Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows RT, Windows Vista.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, data reading.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 11.
Creation date: 10/06/2015.
Identifiers: 3057839, CERTFR-2015-AVI-248, CVE-2015-1719, CVE-2015-1720, CVE-2015-1721, CVE-2015-1722, CVE-2015-1723, CVE-2015-1724, CVE-2015-1725, CVE-2015-1726, CVE-2015-1727, CVE-2015-1768, CVE-2015-2360, MS15-061, VIGILANCE-VUL-17093.

Description of the vulnerability

Several vulnerabilities were announced in Microsoft Windows.

An attacker can read a memory fragment of the kernel, in order to obtain sensitive information. [severity:3/4; CVE-2015-1719]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-1720]

An attacker can bypass security features, in order to escalate his privileges. [severity:3/4; CVE-2015-1721]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-1722]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-1723]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-1724]

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-1725]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-1726]

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-1727]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-1768]

An attacker can bypass security features, in order to escalate his privileges. [severity:3/4; CVE-2015-2360]

vulnerability CVE-2015-1728

Windows Media Player: code execution via DataObject

Synthesis of the vulnerability

An attacker can create a specially crafted file to be viewed with Windows Media Player, in order to execute code.
Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 7, Windows Vista.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: document.
Creation date: 10/06/2015.
Identifiers: 3033890, CERTFR-2015-AVI-245, CVE-2015-1728, MS15-057, VIGILANCE-VUL-17090.

Description of the vulnerability

Windows Media Player is used to play multimedia files.

However, data represented with the DataObject data type are not handled correctly.

An attacker can therefore create a specially crafted file to be viewed with Windows Media Player, in order to execute code.

vulnerability announce CVE-2015-1676 CVE-2015-1677 CVE-2015-1678

Windows: six vulnerabilities of Kernel-Mode Drivers

Synthesis of the vulnerability

An attacker can use several vulnerabilities in the Windows Kernel-Mode Drivers.
Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, data reading.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 6.
Creation date: 12/05/2015.
Revision date: 08/06/2015.
Identifiers: 3057191, CERTFR-2015-AVI-216, CVE-2015-1676, CVE-2015-1677, CVE-2015-1678, CVE-2015-1679, CVE-2015-1680, CVE-2015-1701, MS15-051, VIGILANCE-VUL-16892, ZDI-15-185, ZDI-15-186, ZDI-15-187, ZDI-15-188, ZDI-15-190.

Description of the vulnerability

Several vulnerabilities were announced in Windows.

An attacker can read a memory fragment, in order to obtain sensitive information. [severity:1/4; CVE-2015-1676, ZDI-15-190]

An attacker can read a memory fragment, in order to obtain sensitive information. [severity:1/4; CVE-2015-1677, ZDI-15-185]

An attacker can read a memory fragment, in order to obtain sensitive information. [severity:1/4; CVE-2015-1678, ZDI-15-186]

An attacker can read a memory fragment, in order to obtain sensitive information. [severity:1/4; CVE-2015-1679, ZDI-15-187]

An attacker can read a memory fragment, in order to obtain sensitive information. [severity:1/4; CVE-2015-1680, ZDI-15-188]

An attacker can bypass security features of Win32k.sys, in order to escalate his privileges. [severity:2/4; CVE-2015-1701]

computer vulnerability alert CVE-2015-1716

Windows: information disclosure via Schannel

Synthesis of the vulnerability

An attacker in a Man-in-the-Middle position can force the Windows Schannel client to accept a weak algorithm, in order to more easily capture or alter exchanged data.
Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 1/4.
Consequences: data reading.
Provenance: intranet server.
Creation date: 12/05/2015.
Identifiers: 3061518, CERTFR-2015-AVI-220, CVE-2015-1716, MS15-055, VIGILANCE-VUL-16896.

Description of the vulnerability

The SChannel (Secure Channel) SSP implements the SSL and TLS protocols, which are used to authenticate the client/server and to create a secured tunnel.

The TLS protocol uses a series of messages which have to be exchanged between the client and the server before a secured session is established. Several cryptographic algorithms can be negotiated. However, Schannel accepts Diffie-Hellman Ephemeral keys that are only 512 bits long.

An attacker in a Man-in-the-Middle position can therefore force the Windows Schannel client to accept a weak algorithm, in order to more easily capture or alter exchanged data.

vulnerability note CVE-2015-1684 CVE-2015-1686

Windows: two vulnerabilities of JScript/VBScript

Synthesis of the vulnerability

An attacker can use several vulnerabilities in Windows JScript/VBScript.
Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows Vista.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 12/05/2015.
Identifiers: 3057263, CERTFR-2015-AVI-218, CVE-2015-1684, CVE-2015-1686, MS15-053, VIGILANCE-VUL-16894, ZDI-15-183.

Description of the vulnerability

Several vulnerabilities were announced in Windows.

An attacker can use VBScript, in order to bypass ASLR. [severity:2/4; CVE-2015-1684, ZDI-15-183]

An attacker can use VBScript/JScript, in order to bypass ASLR. [severity:2/4; CVE-2015-1686]

vulnerability alert CVE-2015-1702

Windows: privilege escalation via SCM

Synthesis of the vulnerability

An attacker can use the Windows SCM to escalate privileges.
Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 12/05/2015.
Identifiers: 3055642, CERTFR-2015-AVI-215, CVE-2015-1702, MS15-050, VIGILANCE-VUL-16891.

Description of the vulnerability

Windows provides the SCM (Service Control Manager) service.

However, SCM does not correctly manage impersonation.

An attacker can therefore use the Windows SCM to escalate privileges.

computer vulnerability note CVE-2015-1672 CVE-2015-1673

Microsoft .NET: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities in Microsoft .NET.
Impacted products: .NET Framework, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 3/4.
Consequences: user access/rights, denial of service on server, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 12/05/2015.
Identifiers: 3057134, CERTFR-2015-AVI-213, CVE-2015-1672, CVE-2015-1673, MS15-048, VIGILANCE-VUL-16889.

Description of the vulnerability

Several vulnerabilities were announced in Microsoft .NET.

An attacker can use the XML decryption feature to overload the server, in order to trigger a denial of service. [severity:2/4; CVE-2015-1672]

An attacker can generate a memory corruption in Windows Forms, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-1673]

computer vulnerability CVE-2015-1670 CVE-2015-1671

Windows: two vulnerabilities of Font Drivers

Synthesis of the vulnerability

An attacker can use several vulnerabilities in the Windows Font Drivers.
Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 4/4.
Consequences: user access/rights, denial of service on server.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 12/05/2015.
Identifiers: 3057110, CERTFR-2015-AVI-209, CVE-2015-1670, CVE-2015-1671, MS15-044, VIGILANCE-VUL-16885.

Description of the vulnerability

Several vulnerabilities were announced in Windows.

An attacker can bypass security features with an OpenType font, in order to obtain sensitive information. [severity:2/4; CVE-2015-1670]

An attacker can generate a memory corruption with a TrueType font, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1671]

vulnerability note CVE-2015-1648

Microsoft .NET: information disclosure via customErrors

Synthesis of the vulnerability

An attacker can generate an error in a Microsoft .NET/ASP.NET application, in order to obtain sensitive information.
Impacted products: IIS, .NET Framework, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 14/04/2015.
Identifiers: 3048010, CERTFR-2015-AVI-159, CVE-2015-1648, MS15-041, VIGILANCE-VUL-16604.

Description of the vulnerability

Microsoft .NET uses the ASP.NET customErrors directive to define the type of error messages to be displayed.

However, when the customErrors mode is disabled, an attacker can trigger an error in order to read details about the application.

An attacker can therefore generate an error in a Microsoft .NET/ASP.NET application, in order to obtain sensitive information.