CVE-2015-2455

OWSAP

A03-Injection

EPSS

12.18%V3

Vector

Network

Published

2015-08-14 22:00 +00:00

Last Modified

2018-10-12 17:57 +00:00

Official links

CVE.org

NVD

Alert for a CVE

Stay informed of any changes for a specific CVE.

Alert management

List of Alerts

Alert for a CVE

Stay informed of any changes for a specific CVE.

Criteria applied when sending the alert: compared with the last alert sent + differences in CISA, EPSS, CVSS, CWE, Solutions, CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specified here a CVE ID as CVE-2024-1234

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

Descriptions

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, Silverlight before 5.1.40728, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability," a different vulnerability than CVE-2015-2456.

Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-20	Improper Input Validation The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Metrics

Metric	Score	Severity	CVSS Vector	Source
V2	9.3		AV:N/AC:M/Au:N/C:C/I:C/A:C	nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Exploit information

Exploit Database EDB-ID : 37919

Publication date : 2015-08-20 22:00 +00:00
Author : Google Security Research
EDB Verified : Yes

Source: https://code.google.com/p/google-security-research/issues/detail?id=368&can=1 We have encountered a number of Windows kernel crashes in the win32k!itrp_IUP function (a handler of the IUP[] TTF program instruction) while processing corrupted TTF font files, such as: --- PAGE_FAULT_IN_NONPAGED_AREA (50) Invalid system memory was referenced. This cannot be protected by try-except, it must be protected by a Probe. Typically the address is just plain bad or it is pointing at freed memory. Arguments: Arg1: ff6895b8, memory referenced. Arg2: 00000001, value 0 = read operation, 1 = write operation. Arg3: 91f4a4f1, If non-zero, the instruction address which referenced the bad memory address. Arg4: 00000000, (reserved) [...] FAULTING_IP: win32k!itrp_IUP+2fb 91f4a4f1 8904b2 mov dword ptr [edx+esi*4],eax MM_INTERNAL_CODE: 0 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0x50 PROCESS_NAME: csrss.exe CURRENT_IRQL: 0 LAST_CONTROL_TRANSFER: from 91f4bc79 to 91f4a4f1 STACK_TEXT: 8adcf3b8 91f4bc79 00000001 91f517d3 00000000 win32k!itrp_IUP+0x2fb 8adcf3c0 91f517d3 00000000 ff64eb28 00b61838 win32k!itrp_InnerExecute+0x38 8adcf3f8 91f4bc79 ff64eb28 91f4f088 ff64ebbc win32k!itrp_CALL+0x23b 8adcf400 91f4f088 ff64ebbc ff64eb84 ff64f95c win32k!itrp_InnerExecute+0x38 8adcf480 91f53234 00b61804 00b61838 ff64eb28 win32k!itrp_Execute+0x2b2 8adcf4a8 91f529dc 00b61804 00b61838 ff64eb28 win32k!itrp_ExecuteGlyphPgm+0x4a 8adcf4dc 91f51e5e ff64a570 00000001 00000000 win32k!fsg_SimpleInnerGridFit+0x102 8adcf574 91f5238c ff64a250 ff64b73c ff64eb28 win32k!fsg_ExecuteGlyph+0x1ce 8adcf5d0 91f52202 ff64a250 ff64eb28 ff64b6b4 win32k!fsg_CreateGlyphData+0xea 8adcf610 91f4f419 ff64a250 ff64eb28 ff64a2c4 win32k!fsg_GridFit+0x4d 8adcf688 91f5906c 00000001 8adcf6a4 91f58fc3 win32k!fs__Contour+0x287 8adcf694 91f58fc3 ff64a010 ff64a07c 8adcf6c0 win32k!fs_ContourGridFit+0x12 8adcf6a4 91f5991f ff64a010 ff64a07c 00000027 win32k!fs_NewContourGridFit+0x10 8adcf6c0 91f59960 fb8b0e78 00000027 8adcf6fc win32k!bGetGlyphOutline+0xd7 8adcf6e8 91f59b59 fb8b0e78 00000027 00000001 win32k!bGetGlyphMetrics+0x20 8adcf82c 91f4ec63 fb8b0e78 00000027 8adcf918 win32k!lGetGlyphBitmap+0x2b 8adcf850 91f4eab6 00000000 00000001 00000027 win32k!ttfdQueryFontData+0x158 8adcf8a0 91f4dce2 ff7af010 fba32cf0 00000001 win32k!ttfdSemQueryFontData+0x45 8adcf8e8 91f53774 ff7af010 fba32cf0 00000001 win32k!PDEVOBJ::QueryFontData+0x3e 8adcf960 91fcbc8d 8adcfc3c fb87ec00 ff6470cc win32k!xInsertMetricsPlusRFONTOBJ+0x120 8adcf990 91f4594d 0000000a ff7bf000 8adcfcd0 win32k!RFONTOBJ::bGetGlyphMetricsPlus+0x179 8adcf9c8 91fcb78b 8adcfc1c 8adcfc3c 00000008 win32k!ESTROBJ::vCharPos_H3+0xf0 8adcfa0c 91f455d0 8adcfcd0 0000000a 8adcfc1c win32k!ESTROBJ::vInit+0x268 8adcfc2c 91f45793 00000000 8adcfcd0 fba32cf0 win32k!GreGetTextExtentExW+0x12a 8adcfd0c 82657896 0801016f 02d90bac 0000000a win32k!NtGdiGetTextExtentExW+0x141 8adcfd0c 77b370f4 0801016f 02d90bac 0000000a nt!KiSystemServicePostCall WARNING: Frame IP not in any known module. Following frames may be wrong. 0021f6c4 00000000 00000000 00000000 00000000 0x77b370f4 --- Depending on the malformed font file, the crashes occur at various locations in the win32k!itrp_IUP function, such as: win32k!itrp_IUP+141: test [esi+edx], cl win32k!itrp_IUP+173: test [eax+edx], cl win32k!itrp_IUP+17b: mov eax, [ecx+ebx*4] win32k!itrp_IUP+184: mov ecx, [ecx] win32k!itrp_IUP+213: mov eax, [ebx] win32k!itrp_IUP+2c9: mov eax, [eax+esi*4] win32k!itrp_IUP+2fb: mov [edx+esi*4], eax win32k!itrp_IUP+317: add [eax+esi*4], edx This is caused by the fact that the function operates (reads from and writes to) on memory well beyond of the dynamically allocated buffers, leading to a pool-based buffer overflow of controlled size and content, consequently allowing for remote code execution in the context of the Windows kernel. It appears that the culprit of the vulnerability is the lack of handling of a corner case explicitly mentioned in the "The TrueType Instruction Set, Part 2" specification [1]: "This instruction operates on points in the glyph zone pointed to by zp2. This zone should almost always be zone 1. Applying IUP to zone 0 is an error." Every testcase we have examined contains an SZP2[] instruction ("Set Zone Pointer 2") with a 0 argument followed by the IUP[] instruction later on in the TTF program. The faulty instruction stream has the same outcome regardless of its location (i.e. font pre-program, glyph program etc.). The issue reproduces on Windows 7 and 8.1. It is easiest to reproduce with Special Pools enabled for win32k.sys (leading to an immediate crash when the bug is triggered), but it is also possible to observe a crash on a default Windows installation in the form of a crash in win32k!itrp_IUP or another location in kernel space, as caused by the corrupted pool state, depending on the specific testcase used. Attached is an archive with eight sample files, each crashing at a different location in the win32k!itrp_IUP function on Windows 7 32-bit, together with corresponding kernel crash logs. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/37919.zip

Products Mentioned

Configuraton 0

Microsoft>>.net_framework >> Version 3.0

Microsoft>>.net_framework >> Version 3.0 (Open CPE detail)

Microsoft>>.net_framework >> Version 4.0

Microsoft>>.net_framework >> Version 4.0 (Open CPE detail)
Microsoft>>.net_framework >> Version 4.0 (Open CPE detail)
Microsoft>>.net_framework >> Version 4.0 (Open CPE detail)

Microsoft>>.net_framework >> Version 4.5

Microsoft>>.net_framework >> Version 4.5 (Open CPE detail)

Microsoft>>.net_framework >> Version 4.5.1

Microsoft>>.net_framework >> Version 4.5.1 (Open CPE detail)

Microsoft>>.net_framework >> Version 4.5.2

Microsoft>>.net_framework >> Version 4.5.2 (Open CPE detail)

Microsoft>>.net_framework >> Version 4.6

Microsoft>>.net_framework >> Version 4.6 (Open CPE detail)

Microsoft>>Windows_server_2008 >> Version -

Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)

Microsoft>>Windows_vista >> Version -

Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)

Configuraton 0

Microsoft>>.net_framework >> Version 3.5.1

Microsoft>>.net_framework >> Version 3.5.1 (Open CPE detail)

Microsoft>>Windows_7 >> Version -

Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)

Microsoft>>Windows_server_2008 >> Version r2

Microsoft>>Windows_server_2008 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version r2 (Open CPE detail)

Configuraton 0

Microsoft>>.net_framework >> Version 3.5

Microsoft>>.net_framework >> Version 3.5 (Open CPE detail)
Microsoft>>.net_framework >> Version 3.5 (Open CPE detail)
Microsoft>>.net_framework >> Version 3.5 (Open CPE detail)

Microsoft>>Windows_10 >> Version -

Microsoft>>Windows_10 >> Version - (Open CPE detail)
Microsoft>>Windows_10 >> Version - (Open CPE detail)
Microsoft>>Windows_10 >> Version - (Open CPE detail)
Microsoft>>Windows_10 >> Version - (Open CPE detail)
Microsoft>>Windows_10 >> Version - (Open CPE detail)

Microsoft>>Windows_8 >> Version -

Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)

Microsoft>>Windows_8.1 >> Version -

Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)

Microsoft>>Windows_server_2012 >> Version *

Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version 6.2.9200.24116 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)

Microsoft>>Windows_server_2012 >> Version r2

Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)

Configuraton 0

Microsoft>>Live_meeting >> Version 2007

Microsoft>>Live_meeting >> Version 2007 (Open CPE detail)

Microsoft>>Lync >> Version 2010

Microsoft>>Lync >> Version 2010 (Open CPE detail)
Microsoft>>Lync >> Version 2010 (Open CPE detail)
Microsoft>>Lync >> Version 2010 (Open CPE detail)
Microsoft>>Lync >> Version 2010 (Open CPE detail)
Microsoft>>Lync >> Version 2010 (Open CPE detail)
Microsoft>>Lync >> Version 2010 (Open CPE detail)

Microsoft>>Lync >> Version 2010

Microsoft>>Lync >> Version 2010 (Open CPE detail)

Microsoft>>Lync >> Version 2013

Microsoft>>Lync >> Version 2013 (Open CPE detail)

Microsoft>>Lync_basic >> Version 2013

Microsoft>>Office >> Version 2007

Microsoft>>Office >> Version 2007 (Open CPE detail)

Microsoft>>Office >> Version 2010

Microsoft>>Office >> Version 2010 (Open CPE detail)
Microsoft>>Office >> Version 2010 (Open CPE detail)
Microsoft>>Office >> Version 2010 (Open CPE detail)
Microsoft>>Office >> Version 2010 (Open CPE detail)
Microsoft>>Office >> Version 2010 (Open CPE detail)

Microsoft>>Silverlight >> Version To (including) 5.1.40416.0

Microsoft>>Silverlight >> Version 4.0.50401.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 4.0.50524.00 (Open CPE detail)
Microsoft>>Silverlight >> Version 4.0.50826.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 4.0.50917.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 4.0.51204.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 4.0.60129.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 4.0.60310.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 4.0.60531.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 4.0.60831.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 4.0.603310.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 4.1.10111 (Open CPE detail)
Microsoft>>Silverlight >> Version 4.1.10111.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 5.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 5.0.60401.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 5.0.60818.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 5.0.60818.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 5.0.61118.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 5.1.10411.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 5.1.20125.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 5.1.20513.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 5.1.20913.0 (Open CPE detail)
Microsoft>>Silverlight >> Version 5.1.30214.0 (Open CPE detail)

Configuraton 0

Microsoft>>Windows_10 >> Version -

Microsoft>>Windows_10 >> Version - (Open CPE detail)
Microsoft>>Windows_10 >> Version - (Open CPE detail)
Microsoft>>Windows_10 >> Version - (Open CPE detail)
Microsoft>>Windows_10 >> Version - (Open CPE detail)
Microsoft>>Windows_10 >> Version - (Open CPE detail)

Microsoft>>Windows_7 >> Version -

Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)
Microsoft>>Windows_7 >> Version - (Open CPE detail)

Microsoft>>Windows_8 >> Version -

Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)
Microsoft>>Windows_8 >> Version - (Open CPE detail)

Microsoft>>Windows_8.1 >> Version -

Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_8.1 >> Version - (Open CPE detail)

Microsoft>>Windows_rt >> Version -

Microsoft>>Windows_rt >> Version - (Open CPE detail)
Microsoft>>Windows_rt >> Version - (Open CPE detail)

Microsoft>>Windows_rt_8.1 >> Version -

Microsoft>>Windows_rt_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_rt_8.1 >> Version - (Open CPE detail)
Microsoft>>Windows_rt_8.1 >> Version - (Open CPE detail)

Microsoft>>Windows_server_2008 >> Version -

Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version - (Open CPE detail)

Microsoft>>Windows_server_2008 >> Version r2

Microsoft>>Windows_server_2008 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version r2 (Open CPE detail)

Microsoft>>Windows_server_2008 >> Version r2

Microsoft>>Windows_server_2008 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2008 >> Version r2 (Open CPE detail)

Microsoft>>Windows_server_2012 >> Version -

Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version - (Open CPE detail)

Microsoft>>Windows_server_2012 >> Version r2

Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)
Microsoft>>Windows_server_2012 >> Version r2 (Open CPE detail)

Microsoft>>Windows_vista >> Version -

Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)
Microsoft>>Windows_vista >> Version - (Open CPE detail)

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080
Tags : vendor-advisory, x_refsource_MS

https://www.exploit-db.com/exploits/37919/
Tags : exploit, x_refsource_EXPLOIT-DB

http://www.securitytracker.com/id/1033238
Tags : vdb-entry, x_refsource_SECTRACK

http://www.securityfocus.com/bid/76216
Tags : vdb-entry, x_refsource_BID

Lists Vulnerabilities

Sorted by Year

CVE Statistics

Specific Views

Vendors List

Products List

Lists CWE

Specific Views

Lasts 7 CWE

Lists CAPEC

Specifics Views

7 Lasts CAPEC

CVE-2015-2455

Alert for a CVE

Functionality requiring a connection

Descriptions

Informations

Related Weaknesses

Metrics

EPSS

EPSS Score

EPSS Percentile

Exploit information

Exploit Database EDB-ID : 37919

Products Mentioned

Configuraton 0

Configuraton 0

Configuraton 0

Configuraton 0

Configuraton 0

References

Lists Vulnerabilities

Sorted by Year

CVE Statistics

Specific Views

CVE

OWASP

CISA KEV

Vendors List

Products List

Lists CWE

Specific Views

Lasts 7 CWE

Lists CAPEC

Specifics Views

7 Lasts CAPEC

No result found

Alert System

CVE-2015-2455 : Detail

CVE-2015-2455

Alert for a CVE

Descriptions

Informations

Related Weaknesses

Metrics

EPSS

EPSS Score

EPSS Percentile

Exploit information

Exploit Database EDB-ID : 37919

Products Mentioned

Configuraton 0

Configuraton 0

Configuraton 0

Configuraton 0

Configuraton 0

References