{"id": "CVE-2015-6171", "bulletinFamily": "NVD", "title": "CVE-2015-6171", "description": "The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka \"Windows Kernel Memory Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2015-6173 and CVE-2015-6174.", "published": "2015-12-09T06:59:52", "modified": "2016-12-07T13:19:04", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6171", "reporter": "NVD", "references": ["http://www.securitytracker.com/id/1034334", "http://technet.microsoft.com/security/bulletin/MS15-135"], "cvelist": ["CVE-2015-6171"], "type": "cve", "lastseen": "2017-04-18T15:57:51", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/o:microsoft:windows_8:-:-:x86", "cpe:/o:microsoft:windows_10:-::~~~~x64~", "cpe:/o:microsoft:windows_server_2012:r2:-:~-~essentials~~~", "cpe:/o:microsoft:windows_10:-::~~~~x86~", "cpe:/o:microsoft:windows_server_2008::sp2", "cpe:/o:microsoft:windows_7::sp1:x64", "cpe:/o:microsoft:windows_8:-:-:x64", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2008:r2:sp1", "cpe:/o:microsoft:windows_8.1:-:-:~-~-~-~x64~", "cpe:/o:microsoft:windows_server_2012:r2:-:~-~datacenter~~~", "cpe:/o:microsoft:windows_server_2012:r2:-:~-~standard~~~", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_7::sp1:x86", "cpe:/o:microsoft:windows_8.1:-:-:~-~-~-~x86~", "cpe:/o:microsoft:windows_10:1511::~~~~x64~", "cpe:/o:microsoft:windows_vista::sp2", "cpe:/o:microsoft:windows_rt:-", "cpe:/o:microsoft:windows_10:1511::~~~~x86~"], "cvelist": ["CVE-2015-6171"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka \"Windows Kernel Memory Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2015-6173 and CVE-2015-6174.", "edition": 1, "hash": "2b4ee8c46d3d71deb5a9a6427235ee27d4075581f21383a77fdb063293ab24d4", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "1f4f33d1a04f96c6cde3f21949b44b59", "key": "modified"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "5c73651a54223b4335bcc966f49a8b5d", "key": "description"}, {"hash": "807954d18f0e4e979c66b737930bc412", "key": "title"}, {"hash": "b272f020d7e03ddb14df5084df1ab8a7", "key": "cvelist"}, {"hash": "2f021d11d4c3e20c8b5b0f31d7cd6e60", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "bf67f8771484a11b525ba4e90ac13537", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "cc331df2db13dd6da2a9fe4be9ca1804", "key": "href"}, {"hash": "3dab480ad5a922febe3d390f37fe4b74", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6171", "id": "CVE-2015-6171", "lastseen": "2016-09-03T23:02:32", "modified": "2015-12-09T13:07:05", "objectVersion": "1.2", "published": "2015-12-09T06:59:52", "references": ["http://technet.microsoft.com/security/bulletin/MS15-135"], "reporter": "NVD", "scanner": [], "title": "CVE-2015-6171", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T23:02:32"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "2f021d11d4c3e20c8b5b0f31d7cd6e60"}, {"key": "cvelist", "hash": "b272f020d7e03ddb14df5084df1ab8a7"}, {"key": "cvss", "hash": "cfd16da9581e0c21db590e40dfd9e493"}, {"key": "description", "hash": "5c73651a54223b4335bcc966f49a8b5d"}, {"key": "href", "hash": "cc331df2db13dd6da2a9fe4be9ca1804"}, {"key": "modified", "hash": "6f13a4fe4c7e4e244526f99d7e427b64"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "bf67f8771484a11b525ba4e90ac13537"}, {"key": "references", "hash": "bf043a1e786ed5bab3af725e1a3af23d"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "807954d18f0e4e979c66b737930bc412"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "18944ffd458875ddb207d04a072d069021956ae044deca68133d1ce1e95a8ca8", "viewCount": 6, "objectVersion": "1.2", "cpe": ["cpe:/o:microsoft:windows_8:-:-:x86", "cpe:/o:microsoft:windows_10:-::~~~~x64~", "cpe:/o:microsoft:windows_server_2012:r2:-:~-~essentials~~~", "cpe:/o:microsoft:windows_10:-::~~~~x86~", "cpe:/o:microsoft:windows_server_2008::sp2", "cpe:/o:microsoft:windows_7::sp1:x64", "cpe:/o:microsoft:windows_8:-:-:x64", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2008:r2:sp1", "cpe:/o:microsoft:windows_8.1:-:-:~-~-~-~x64~", "cpe:/o:microsoft:windows_server_2012:r2:-:~-~datacenter~~~", "cpe:/o:microsoft:windows_server_2012:r2:-:~-~standard~~~", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_7::sp1:x86", "cpe:/o:microsoft:windows_8.1:-:-:~-~-~-~x86~", "cpe:/o:microsoft:windows_10:1511::~~~~x64~", "cpe:/o:microsoft:windows_vista::sp2", "cpe:/o:microsoft:windows_rt:-", "cpe:/o:microsoft:windows_10:1511::~~~~x86~"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": [], "enchantments": {"vulnersScore": 8.3}}

{"result": {"symantec": [{"id": "SMNTC-78506", "type": "symantec", "title": "Microsoft Windows Kernel CVE-2015-6171 Local Privilege Escalation Vulnerability", "description": "### Description\n\nMicrosoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges.\n\n### Technologies Affected\n\n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1511 for 32-bit Systems \n * Microsoft Windows 10 version 1511 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8 for 32-bit Systems \n * Microsoft Windows 8 for x64-based Systems \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows RT \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Vista Service Pack 2 \n * Microsoft Windows Vista x64 Edition Service Pack 2 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nTo exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "published": "2015-12-08T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/78506", "cvelist": ["CVE-2015-6171"], "lastseen": "2018-03-11T18:48:56"}], "zdt": [{"id": "1337DAY-ID-25721", "type": "zdt", "title": "Microsoft Windows Kernel win32k!OffsetChildren - Null Pointer Dereference", "description": "Exploit for windows platform in category dos / poc", "published": "2015-12-17T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://0day.today/exploit/description/25721", "cvelist": ["CVE-2015-6171"], "lastseen": "2018-04-07T23:42:55"}], "exploitdb": [{"id": "EDB-ID:39025", "type": "exploitdb", "title": "Windows Kernel win32k!OffsetChildren - Null Pointer Dereference", "description": "Windows Kernel win32k!OffsetChildren - Null Pointer Dereference. CVE-2015-6171. Dos exploit for windows platform", "published": "2015-12-17T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/39025/", "cvelist": ["CVE-2015-6171"], "lastseen": "2016-02-04T09:20:40"}], "nessus": [{"id": "SMB_NT_MS15-135.NASL", "type": "nessus", "title": "MS15-135: Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3119075)", "description": "The remote Windows host is affected by multiple elevation of privilege vulnerabilities due to improper handling of objects in memory by the Windows kernel. An authenticated, remote attacker can exploit these vulnerabilities by running a specially crafted application, resulting in an elevation of privileges.", "published": "2015-12-08T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87264", "cvelist": ["CVE-2015-6173", "CVE-2015-6174", "CVE-2015-6175", "CVE-2015-6171"], "lastseen": "2017-10-29T13:34:06"}], "openvas": [{"id": "OPENVAS:1361412562310806776", "type": "openvas", "title": "Microsoft Windows Kernel-Mode Drivers Code Execution Vulnerability (3119075)", "description": "This host is missing an important security\n update according to Microsoft Bulletin MS15-135.", "published": "2015-12-09T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806776", "cvelist": ["CVE-2015-6173", "CVE-2015-6174", "CVE-2015-6175", "CVE-2015-6171", "CVE-2015-6108", "CVE-2015-6106", "CVE-2015-6107"], "lastseen": "2017-07-02T21:11:46"}], "kaspersky": [{"id": "KLA10714", "type": "kaspersky", "title": "\r KLA10714Multiple vulnerabilities in Microsoft Windows\t\t\t ", "description": "### *CVSS*:\n9.3\n\n### *Detect date*:\n12/08/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service or gain privileges.\n\n### *Affected products*:\nMicrosoft Windows Vista Service Pack 2 \nMicrosoft Windows Server 2008 Service Pack 2 \nMicrosoft Windows 7 Service Pack 1 \nMicrosoft Windows Server 2008 R2 Service Pack 1 \nMicrosoft Windows 8 \nMicrosoft Windows 8.1 \nMicrosoft Windows Server 2012 \nMicrosoft Windows Server 2012 R2 \nMicrosoft Windows 10 \nMicrosoft Windows 10 version 1511\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[MS15-127](<https://technet.microsoft.com/en-us/library/security/MS15-127>) \n[MS15-133](<https://technet.microsoft.com/en-us/library/security/MS15-133>) \n[MS15-132](<https://technet.microsoft.com/en-us/library/security/MS15-132>) \n[MS15-135](<https://technet.microsoft.com/en-us/library/security/MS15-135>) \n[MS15-130](<https://technet.microsoft.com/en-us/library/security/MS15-130>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Windows RT](<https://threats.kaspersky.com/en/product/Windows-RT/>)\n\n### *CVE-IDS*:\n[CVE-2015-6173](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6173>) \n[CVE-2015-6171](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6171>) \n[CVE-2015-6128](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6128>) \n[CVE-2015-6174](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6174>) \n[CVE-2015-6175](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6175>) \n[CVE-2015-6125](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6125>) \n[CVE-2015-6126](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6126>) \n[CVE-2015-6132](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6132>) \n[CVE-2015-6133](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6133>) \n[CVE-2015-6130](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6130>) \n\n\n### *Microsoft official advisories*:\n[MS15-127](<https://technet.microsoft.com/en-us/library/security/MS15-127>)\n\n### *KB list*:\n[3108347](<http://support.microsoft.com/kb/3108347>) \n[3109094](<http://support.microsoft.com/kb/3109094>) \n[3109103](<http://support.microsoft.com/kb/3109103>) \n[3116130](<http://support.microsoft.com/kb/3116130>) \n[3108381](<http://support.microsoft.com/kb/3108381>) \n[3108371](<http://support.microsoft.com/kb/3108371>) \n[3116162](<http://support.microsoft.com/kb/3116162>) \n[3100465](<http://support.microsoft.com/kb/3100465>) \n[3116900](<http://support.microsoft.com/kb/3116900>) \n[3116869](<http://support.microsoft.com/kb/3116869>) \n[3119075](<http://support.microsoft.com/kb/3119075>) \n[3108670](<http://support.microsoft.com/kb/3108670>)", "published": "2015-12-08T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10714", "cvelist": ["CVE-2015-6128", "CVE-2015-6125", "CVE-2015-6173", "CVE-2015-6174", "CVE-2015-6133", "CVE-2015-6132", "CVE-2015-6175", "CVE-2015-6171", "CVE-2015-6126", "CVE-2015-6130"], "lastseen": "2018-03-30T14:10:45"}]}}