Skip to main content

Windows 2003 Server CVE-2015-1768

HIGH
Buffer Overflow (CWE-119)
2015-06-10 secure@microsoft.com
7.2
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:L/AC:L/Au:N/C:C/I:C/A:C
Attack Vector
Local
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Jun 10, 2015 - 01:59 cve.org
HIGH 7.2

DescriptionCVE.org

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability."

AnalysisAI

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability." Affected products include: Microsoft Windows 2003 Server, Microsoft Windows Server 2003.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2012-2556 CRITICAL
9.3 Dec 12

The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2,

CVE-2012-0175 HIGH
8.8 Jul 10

The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2,

CVE-2015-2365 HIGH POC
7.2 Jul 14

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server

CVE-2015-2370 HIGH POC
7.2 Jul 14

The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP

CVE-2015-0005 MEDIUM POC
4.3 Mar 11

The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 G

CVE-2012-1867 HIGH
8.4 Jun 12

Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2,

CVE-2015-2417 MEDIUM
5.0 Jul 14

OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows

CVE-2015-2416 MEDIUM
5.0 Jul 14

OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows

CVE-2013-1342 HIGH
7.8 Sep 11

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, W

CVE-2015-2369 MEDIUM
6.9 Jul 14

Untrusted search path vulnerability in Windows Media Device Manager in Microsoft Windows Server 2003 SP2, Windows Vista

CVE-2015-0075 HIGH
7.2 Mar 11

The kernel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP

CVE-2012-1864 HIGH
7.2 Jun 12

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, W

Share

CVE-2015-1768 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy