Lucene search
Hfiref0xEDB-ID:37049HistoryMay 18, 2015 - 12:00 a.m.
Microsoft Windows - Local Privilege Escalation (MS15-051)
2015-05-1800:00:00
hfiref0x
www.exploit-db.com
913
7.6 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.005 Low
EPSS
Percentile
77.0%
# Source: https://github.com/hfiref0x/CVE-2015-1701
Win32k LPE vulnerability used in APT attack
Original info: https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html
Credits
R136a1 / hfiref0x
## Compiled EXE:
### x86
+ https://github.com/hfiref0x/CVE-2015-1701/raw/master/Compiled/Taihou32.exe
+ Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/37049-32.exe
### x64
+ https://github.com/hfiref0x/CVE-2015-1701/raw/master/Compiled/Taihou64.exe
+ Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/37049-64.exe
## Source Code:
+ https://github.com/hfiref0x/CVE-2015-1701/archive/master.zip
+ EDB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/37049-src.zipRelated
symantec
symantec
Microsoft Windows CVE-2015-1701 Local Privilege Escalation Vulnerability
2015-04-18 00:00:00
prion
prion
Privilege escalation
2015-04-21 10:59:00
packetstorm
packetstorm
Microsoft Windows ClientCopyImage Improper Object Handling
2015-06-22 00:00:00
Cellebrite UFED 7.5.0.845 Desktop Escape / Privilege Escalation
2020-05-14 00:00:00
zdt
zdt
Microsoft Windows ClientCopyImage Improper Object Handling Exploit
2015-06-23 00:00:00
myhack58
myhack58
exploitpack
exploitpack
Microsoft Windows - Local Privilege Escalation (MS15-051)
2015-05-18 00:00:00
metasploit
metasploit
Windows ClientCopyImage Win32k Exploit
2015-06-03 11:48:23
canvas
canvas
Immunity Canvas: MS15_051
2015-04-21 10:59:00
seebug
seebug
fireeye
fireeye
The EPS Awakens - Part 2
2015-12-20 19:45:00
Lessons from Operation RussianDoll
2016-03-09 11:00:00
The EPS Awakens
2015-12-16 08:00:00
cve
cve
CVE-2015-1701
2015-04-21 10:59:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows System CallBack Privilege Escalation (CVE-2015-1701)
2015-04-21 00:00:00
attackerkb
attackerkb
CVE-2015-1701
2015-04-21 00:00:00
cisa_kev
cisa_kev
Microsoft Win32k Privilege Escalation Vulnerability
2022-03-03 00:00:00
exploitdb
exploitdb
Microsoft Windows - ClientCopyImage Win32k (MS15-051) (Metasploit)
2015-06-24 00:00:00
threatpost
threatpost
APT Groups Exploiting Patch Microsoft Office Flaw CVE-2015-2545
2016-05-25 12:58:57
Malware Dropper Built to Target European Energy Company
2016-07-12 09:31:54
Researchers Crack Furtim, SFG Malware Connection
2016-07-18 13:26:09
korelogic
korelogic
Cellebrite Restricted Desktop Escape and Escalation of User Privilege
2020-05-14 00:00:00
thn
thn
State-Sponsored SCADA Malware targeting European Energy Companies
2016-07-13 00:12:00
talosblog
talosblog
China Chopper still active 9 years later
2019-08-27 08:14:42
trellix
trellix
Take a "NetWalk" on the Wild Side
2020-08-03 00:00:00
Take a "NetWalk" on the Wild Side
2020-08-03 00:00:00
nessus
nessus
mskb
mskb
kaspersky
kaspersky
KLA10580 Multiple vulnerabilities in Microsoft products
2015-05-12 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2015-05-13 00:00:00
7.6 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.005 Low
EPSS
Percentile
77.0%
Related for EDB-ID:37049