Lucene search

Japan Vulnerability NotesJVN:18146081

HistoryJun 12, 2015 - 12:00 a.m.

JVN#18146081: LoadLibrary function in Microsoft Windows fails to validate input properly

2015-06-1200:00:00

Japan Vulnerability Notes

jvn.jp

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

17.8%

JSON

The LoadLibrary function in Microsoft Windows fails to validate input properly. As a result, it may load a specially crafted DLL file (CWE-114).

Impact

An arbitrary code may be executed as a result of an application loads a specially crafted DLL file.

Solution

Update the Software
This issue was addressed in MS15-063, released on June 10. 2015. Apply the update according to the information provided by Microsoft.

Products Affected

Microsoft Windows

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

17.8%

JSON

Related for JVN:18146081