CVE-2015-7866

2015-11-2420:59:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2015-7866

unquoted path vulnerability

smart maximize helper

nvidia gpu graphics driver

windows

privilege escalation

nvd

6.6 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Unquoted Windows search path vulnerability in the Smart Maximize Helper (nvSmartMaxApp.exe) in the Control Panel in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to gain privileges via a Trojan horse application, as demonstrated by C:\Program.exe.

CPENameOperatorVersion
nvidia:gpu_drivernvidia gpu driverlt341.92
nvidia:gpu_drivernvidia gpu driverlt354.35
nvidia:gpu_drivernvidia gpu driverlt358.87