| Vulnerability Name: | CVE-2015-1674 (CCN-102711) | ||||||||
| Assigned: | 2015-05-12 | ||||||||
| Published: | 2015-05-12 | ||||||||
| Updated: | 2019-05-14 | ||||||||
| Summary: | The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate an unspecified address, which allows local users to bypass the KASLR protection mechanism, and consequently discover the cng.sys base address, via a crafted application, aka "Windows Kernel Security Feature Bypass Vulnerability." | ||||||||
| CVSS v3 Severity: | 2.8 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P) 3.6 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)
1.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-254 | ||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||
| References: | Source: MITRE Type: CNA CVE-2015-1674 Source: CCN Type: Microsoft Security Bulletin MS15-052 Vulnerability in Windows Kernel Could Allow Security Feature Bypass (3050514) Source: CCN Type: Microsoft Security Bulletin MS15-085 Vulnerability in Mount Manager Could Allow Elevation of Privilege (3082487) Source: CCN Type: Microsoft Security Bulletin MS15-090 Vulnerabilities in Microsoft Windows Could Allow Security Bypass (3060716) Source: CCN Type: Microsoft Security Bulletin MS15-111 Security Update for Windows Kernel to Address Elevation of Privilege (3096447) Source: CCN Type: Microsoft Security Bulletin MS15-115 Security Update for Microsoft Windows to Address Remote Code Execution (3105864) Source: CCN Type: Microsoft Security Bulletin MS15-122 Security Update for Kerberos to Address Security Feature Bypass (3105256) Source: CCN Type: Microsoft Security Bulletin MS15-128 Security Update for Microsoft Graphics Component to Address Remote Code Execution (3104503) Source: CCN Type: Microsoft Security Bulletin MS15-132 Security Update for Microsoft Windows to Address Remote Code Execution (3116162) Source: CCN Type: Microsoft Security Bulletin MS15-135 Security Update for Windows Kernel Mode Drivers to Address Elevation of Privilege (3119075) Source: CCN Type: Microsoft Security Bulletin MS16-008 Security Update for Kernel to Address Elevation of Privilege (3124605) Source: CCN Type: Microsoft Security Bulletin MS16-014 Security update for Microsoft Windows to Address Remote Code Execution (3134228) Source: CCN Type: Microsoft Security Bulletin MS16-031 Security Update for Microsoft Windows to Address Elevation of Privilege (3140410) Source: CCN Type: Microsoft Security Bulletin MS16-035 Security Update for .NET Framework to Address Security Feature Bypass (3141780) Source: CCN Type: Microsoft Security Bulletin MS16-044 Security Update for Windows OLE (3146706) Source: CCN Type: Microsoft Security Bulletin MS16-047 Security Update for SAM and LSAD Remote Protocols (3148527) Source: CCN Type: Microsoft Security Bulletin MS16-048 Security Update for CSRSS (3148528) Source: CCN Type: Microsoft Security Bulletin MS16-060 Security Update for Windows Kernel (3154846) Source: CCN Type: Microsoft Security Bulletin MS16-061 Security Update for Microsoft RPC (3155520) Source: CCN Type: Microsoft Security Bulletin MS16-075 Security Update for Windows SMB Server (3164038) Source: CCN Type: Microsoft Security Bulletin MS16-076 Security Update for Netlogon (3167691) Source: CCN Type: Microsoft Security Bulletin MS16-092 Security Update for Windows Kernel (3171910) Source: CCN Type: Microsoft Security Bulletin MS16-101 Security Update for Windows Authentication Methods (3178465) Source: CCN Type: Microsoft Security Bulletin MS16-110 Security Update for Windows (3178467) Source: CCN Type: Microsoft Security Bulletin MS16-111 Security Update for Windows Kernel (3186973) Source: CCN Type: Microsoft Security Bulletin MS16-120 Security Update for Microsoft Graphics Component (3192884) Source: CCN Type: Microsoft Security Bulletin MS16-122 Security Update for Microsoft Video Control (3195360) Source: CCN Type: Microsoft Security Bulletin MS16-123 Security Update for Kernel-Mode Drivers (3192892) Source: CCN Type: Microsoft Security Bulletin MS16-124 Security Update for Windows Registry (3193227) Source: CCN Type: Microsoft Security Bulletin MS16-126 Security Update for Microsoft Internet Messaging API (3196067) Source: CCN Type: Microsoft Security Bulletin MS16-131 Security Update for Microsoft Video Control (3199151) Source: CCN Type: Microsoft Security Bulletin MS16-139 Security Update for Windows Kernel (3199720) Source: CCN Type: Microsoft Security Bulletin MS16-155 Security Update for .NET Framework (3205640) Source: CCN Type: Microsoft Security Bulletin MS17-006 Cumulative Security Update for Internet Explorer (4013073) Source: CCN Type: Microsoft Security Bulletin MS17-013 Security Update for Microsoft Graphics Component (4013075) Source: BID Type: Third Party Advisory, VDB Entry 74488 Source: CCN Type: BID-74488 Microsoft Windows Kernel CVE-2015-1674 Local Security Bypass Vulnerability Source: SECTRACK Type: Third Party Advisory, VDB Entry 1032292 Source: MS Type: Patch, Vendor Advisory MS15-052 Source: XF Type: UNKNOWN ms-kernel-cve20151674-security-bypass(102711) Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [05-18-2015] Source: EXPLOIT-DB Type: Exploit, Third Party Advisory, VDB Entry 37052 Source: CCN Type: ZDI-15-189 (Pwn2Own) Microsoft Windows CNG Information Disclosure Vulnerability | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||