Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2015-2423
HistoryAug 15, 2015 - 12:59 a.m.

Code injection

2015-08-1500:59:00
PRIOn knowledge base
www.prio-n.com
3

7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.012 Low

EPSS

Percentile

84.6%

JSON

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Visio 2013 RT SP1, Word 2013 RT SP1, and Internet Explorer 7 through 11 allow remote attackers to gain privileges and obtain sensitive information via a crafted command-line parameter to an Office application or Notepad, as demonstrated by a transition from Low Integrity to Medium Integrity, aka “Unsafe Command Line Parameter Passing Vulnerability.”

Related

symantec 1
openvas 7
checkpoint_advisories 1
mskb 3
cvelist 1
nessus 3
cve 1
threatpost 1
kaspersky 3
securityvulns 1
symantec
symantec
Multiple Microsoft Products CVE-2015-2423 Local Information Disclosure Vulnerability
2015-08-11 00:00:00
openvas
openvas
Microsoft Windows Command Line Parameter Information Disclosure Vulnerability (3082458)
2015-08-12 00:00:00
Microsoft Office Excel Multiple Remote Code Execution Vulnerabilities (3080790)
2015-08-12 00:00:00
Microsoft Visio Multiple Remote Code Execution Vulnerabilities (3080790)
2015-08-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Information Disclosure (MS15-079: CVE-2015-2423)
2015-08-11 00:00:00
mskb
mskb
MS15-088: Unsafe command-line parameter passing could allow information disclosure: August 11, 2015
2015-08-11 00:00:00
MS15-081: Vulnerabilities in Microsoft Office could allow remote code execution: August 11, 2015
2015-08-11 00:00:00
MS15-079: Cumulative security update for Internet Explorer: August 11, 2015
2015-08-11 00:00:00
cvelist
cvelist
CVE-2015-2423
2015-08-15 00:00:00
nessus
nessus
MS15-088: Unsafe Command Line Parameter Passing Could Allow Information Disclosure (3082458)
2015-08-11 00:00:00
MS15-081: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3080790)
2015-08-12 00:00:00
MS15-079: Cumulative Security Update for Internet Explorer (3082442)
2015-08-11 00:00:00
cve
cve
CVE-2015-2423
2015-08-15 00:59:00
threatpost
threatpost
August 2015 Microsoft Patch Tuesday Security Bulletins
2015-08-11 14:56:53
kaspersky
kaspersky
KLA10645 Multiple vulnerabilities in Microsoft Office
2015-08-11 00:00:00
KLA10648 Multiple vulnerabilities in Internet Explorer
2015-08-11 00:00:00
KLA10646 Multiple vulnerabilities in Microsoft Windows
2015-08-11 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2015-08-24 00:00:00

7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.012 Low

EPSS

Percentile

84.6%

JSON
Related for PRION:CVE-2015-2423
symantec1openvas7checkpoint_advisories1mskb3cvelist1nessus3cve1threatpost1kaspersky3securityvulns1