9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%
Name | lnk_exec |
---|---|
CVE | CVE-2015-0096 Exploit Pack |
CVE Name: CVE-2015-0096 | |
VENDOR: Microsoft | |
NOTES: | |
Tested on: | |
- Windows 7 (32bit) | |
- Internet Explorer 8 (a popup will appear if Protected Mode is enabled) | |
- Internet Explorer 9 | |
- Internet Explorer 10 (a popup will appear if Protected Mode is enabled) | |
- Internet Explorer 11 (a popup will appear if Protected Mode is enabled) |
Use port 80 as the server port (Windows requirement related to WebDAV). Also, under
the Response tab of ClientD main window, the option βRespond directly with exploitβ
must be selected.
NOTE: To trigger the exploit the content icon of the WebDAV folder must be redrawn.
If for some reasons Explorer (launched by IE) is in background, it will fail to trigger.
Date public: 03/11/2015
CVE Url: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0096
CVSS: 9.3