5 matches found
CVE-2015-1644
Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted...
CVE-2015-1644
CVE-2015-1644 describes an elevation-of-privilege flaw in Windows where impersonation levels are not properly constrained, enabling local users to gain privileges via a crafted application. Affected products include Windows Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Window...
Microsoft Windows MS-DOS Device Name Elevation of Privilege (MS15-038; CVE-2015-1644)
An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is caused when Microsoft Windows fails to properly validate and enforce impersonation levels. A remote attacker can exploit this issue by logging on to the system and running a specially crafted application...
Microsoft Windows CVE-2015-1644 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain admin privileges on a targeted system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0.1 Avaya CallPilot 5.1.0...
DosDevices Impersonation Process Creation Elevation of Privilege
The fix for CVE-2015-1644 doesn’t take into account process creation scenarios. If a process is created by a system service while impersonating another user their per-user drive mappings will still be used which could lead to EoP. Recent assessments: busterb at May 09, 2019 5:57pm UTC reported: N...