Lucene search

MitreCVE-2015-8328

HistoryNov 24, 2015 - 8:59 p.m.

CVE-2015-8328

2015-11-2420:59:23

CWE-119

mitre

web.nvd.nist.gov

cve-2015-8328

nvapi

nvidia

gpu

graphics driver

r340

r352

r358

windows

local user

sensitive information

denial of service

crash

privilege escalation

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:P/A:C

AI Score

6.7

Confidence

Low

EPSS

Percentile

5.2%

JSON

Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or possibly gain privileges via unknown vectors. NOTE: this identifier was SPLIT from CVE-2015-7869 per ADT2 and ADT3 due to different vulnerability types and affected versions.

Affected configurations

Nvd

Node

nvidiagpu_driverRange340–341.92

nvidiagpu_driverRange352–354.35

nvidiagpu_driverRange358–358.87

AND

microsoftwindows

VendorProductVersionCPE
nvidiagpu_driver*cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nvidia	gpu_driver	*	cpe:2.3:a:nvidia:gpu_driver::::::::
microsoft	windows	*	cpe:2.3:o:microsoft:windows::::::::

References

nvidia.custhelp.com/app/answers/detail/a_id/3808/kw/security

www.securitytracker.com/id/1034176

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:P/A:C

AI Score

6.7

Confidence

Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2015-8328