Lucene search

[email protected]CVE-2015-2474

HistoryAug 15, 2015 - 12:59 a.m.

CVE-2015-2474

2015-08-1500:59:33

CWE-119

[email protected]

web.nvd.nist.gov

cve-2015-2474

microsoft windows

vista

server 2008

remote execution

smb

memory corruption

vulnerability

nvd

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.354 Low

EPSS

Percentile

97.2%

JSON

Microsoft Windows Vista SP2 and Server 2008 SP2 allow remote authenticated users to execute arbitrary code via a crafted string in a Server Message Block (SMB) server error-logging action, aka “Server Message Block Memory Corruption Vulnerability.”

Affected configurations

NVD

Node

microsoftwindows_server_2008sp2

microsoftwindows_vistaMatch-sp2

CPENameOperatorVersion
microsoft:windows_server_2008microsoft windows server 2008eq*
microsoft:windows_vistamicrosoft windows vistaeq-

CPE	Name	Operator	Version
microsoft:windows_server_2008	microsoft windows server 2008	eq	*
microsoft:windows_vista	microsoft windows vista	eq	-

References

www.securitytracker.com/id/1033243

docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-083

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.354 Low

EPSS

Percentile

97.2%

JSON

Related for CVE-2015-2474

openvas1 prion1 nessus1 symantec1 nvd1 cvelist1 kaspersky1 securityvulns1