Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10542
HistoryMar 10, 2015 - 12:00 a.m.

KLA10542 Multiple vulnerabilities in Microsoft Kernel-Mode Driver

2015-03-1000:00:00
Kaspersky Lab
threats.kaspersky.com
16

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

14.2%

JSON

Detect date:

03/10/2015

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, cause denial of service and obtain sensitive information.

Affected products:

Windows Server 2003 x86, x64, Itamium-based Service Pack 2
Windows Vista x86, x64 Service Pack 2
Windows Server 2008 x86, x64, Itanium-based Service Pack 2
Windows 7 x86, x64 Service Pack 1
Windows Server 2008 R2 x64, Itanium-based Service Pack 1
Windows 8, 8.1 x86, x64
Windows RT, RT 8.1

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

MS15-023
CVE-2015-0077
CVE-2015-0078
CVE-2015-0095
CVE-2015-0094

Impacts:

OSI

Related products:

Microsoft Windows Vista

CVE-IDS:

CVE-2015-00772.1Warning
CVE-2015-00787.2High
CVE-2015-00955.6High
CVE-2015-00942.1Warning

Microsoft official advisories:

KB list:

3034344

Exploitation:

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

References

Related

nessus 2
openvas 1
cve 4
exploitpack 1
symantec 4
prion 4
zdi 2
exploitdb 1
zdt 1
packetstorm 1
securityvulns 1
nessus
nessus
MS15-023: Vulnerabilities in Kernel-Mode Driver Could Allow Elevation of Privilege (3034344)
2015-03-10 00:00:00
Apache Struts 2.x < 2.3.16.2 Multiple Vulnerabilities (S2-020)
2018-09-10 00:00:00
openvas
openvas
Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerabilities (3034344)
2015-03-11 00:00:00
cve
cve
CVE-2015-0095
2015-03-11 10:59:00
CVE-2015-0094
2015-03-11 10:59:00
CVE-2015-0078
2015-03-11 10:59:00
exploitpack
exploitpack
Microsoft Windows - NtUserGetClipboardAccessToken Token Leak (MS15-023)
2015-09-15 00:00:00
symantec
symantec
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-0078 Local Privilege Escalation Vulnerability
2015-03-10 00:00:00
Microsoft Windows Kernel Mode Driver CVE-2015-0095 Local Information Disclosure Vulnerability
2015-03-10 00:00:00
Microsoft Windows Kernel Mode Driver CVE-2015-0094 Local Information Disclosure Vulnerability
2015-03-10 00:00:00
prion
prion
Privilege escalation
2015-03-11 10:59:00
Null pointer dereference
2015-03-11 10:59:00
Design/Logic Flaw
2015-03-11 10:59:00
zdi
zdi
Microsoft Windows NtUserfnINOUTNCCALCSIZE Information Leak Vulnerability
2015-03-10 00:00:00
Microsoft Windows NtUserfnINSTRINGNULL Information Leak Vulnerability
2015-03-10 00:00:00
exploitdb
exploitdb
Microsoft Windows - NtUserGetClipboardAccessToken Token Leak (MS15-023)
2015-09-15 00:00:00
zdt
zdt
Microsoft Windows LNK File Code Execution Exploit
2017-11-09 00:00:00
packetstorm
packetstorm
Microsoft Windows LNK File Code Execution
2017-11-08 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2015-04-16 00:00:00

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

14.2%

JSON
Related for KLA10542
nessus2openvas1cve4exploitpack1symantec4prion4zdi2exploitdb1zdt1packetstorm1securityvulns1