Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10550
HistoryApr 14, 2015 - 12:00 a.m.

KLA10550 Code execution vulnerability in Microsoft HTTPS.sys

2015-04-1400:00:00
Kaspersky Lab
threats.kaspersky.com
101

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON

Detect date:

04/14/2015

Severity:

Critical

Description:

An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HTTP request.

Affected products:

Windows 7 x86, x64 Service Pack 1
Windows Server 2008 R2 x64, Itanium Service Pack 1
Windows 8 x86, x64
Windows 8.1 x86, x64
Windows Server 2012, 2012 R2

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

MS15-034
CVE-2015-1635

Impacts:

ACE

Related products:

Microsoft Windows Server 2012

Microsoft official advisories:

KB list:

3042553

Exploitation:

Public exploits exist for this vulnerability.

Related

zdt 3
nessus 2
seebug 1
packetstorm 1
openvas 2
cve 1
cisa_kev 1
checkpoint_advisories 1
symantec 1
myhack58 1
prion 1
attackerkb 1
metasploit 1
nuclei 1
cvelist 1
hackerone 1
nmap 1
ics 1
cisa 1
securityvulns 1
qualysblog 1
zdt
zdt
MS15-034 Microsoft IIS Remote Code Execution Exploit
2015-04-19 00:00:00
Microsoft Window - HTTP.sys PoC (MS15-034)
2015-04-15 00:00:00
Microsoft Window (HTTP.sys) HTTP Request Parsing DoS (MS15-034)
2015-04-17 00:00:00
nessus
nessus
MS15-034: Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553)
2015-04-14 00:00:00
MS15-034: Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553) (uncredentialed check)
2015-04-16 00:00:00
seebug
seebug
IIS η³»εˆ— Http.sys 倄理 Range ζ•΄ζ•°ζΊ’ε‡ΊζΌζ΄ž
2015-07-01 00:00:00
packetstorm
packetstorm
Microsoft Windows HTTP.sys Proof Of Concept
2015-04-16 00:00:00
openvas
openvas
Microsoft HTTP.sys RCE Vulnerability (MS15-034) - Active Check
2015-04-15 00:00:00
Microsoft Windows HTTP.sys Remote Code Execution Vulnerability (3042553)
2015-04-15 00:00:00
cve
cve
CVE-2015-1635
2015-04-14 20:59:00
cisa_kev
cisa_kev
Microsoft HTTP.sys Remote Code Execution Vulnerability
2022-02-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows HTTP.sys Remote Code Execution (MS15-034: CVE-2015-1635)
2015-04-14 00:00:00
symantec
symantec
Microsoft Windows HTTP Protocol Stack CVE-2015-1635 Remote Code Execution Vulnerability
2015-04-14 00:00:00
myhack58
myhack58
IIS the latest high-risk Vulnerability, CVE-2 0 1 5-1 6 3 5, AND MS15-0 3 4. THE POC and online detection of source-vulnerability warning-the black bar safety net
2015-04-16 00:00:00
prion
prion
Remote code execution
2015-04-14 20:59:00
attackerkb
attackerkb
CVE-2015-1635
2015-04-14 00:00:00
metasploit
metasploit
MS15-034 HTTP Protocol Stack Request Handling Denial-of-Service
2015-04-15 18:13:16
nuclei
nuclei
Microsoft Windows 'HTTP.sys' - Remote Code Execution
2023-11-23 15:24:42
cvelist
cvelist
CVE-2015-1635
2015-04-14 20:00:00
hackerone
hackerone
U.S. Dept Of Defense: [Urgent] Critical Vulnerability [RCE] on β–ˆβ–ˆβ–ˆ vulnerable to Remote Code Execution by exploiting MS15-034, CVE-2015-1635
2018-12-18 19:13:01
nmap
nmap
http-vuln-cve2015-1635 NSE Script
2015-05-22 04:23:50
ics
ics
Siemens Molecular Imaging Vulnerabilities
2017-08-09 12:00:00
cisa
cisa
CISA Adds 15 Known Exploited Vulnerabilities to Catalog
2022-02-10 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2015-04-16 00:00:00
qualysblog
qualysblog
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON
Related for KLA10550
zdt3nessus2seebug1packetstorm1openvas2cve1cisa_kev1checkpoint_advisories1symantec1myhack581prion1attackerkb1metasploit1nuclei1cvelist1hackerone1nmap1ics1cisa1securityvulns1qualysblog1