Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10580
HistoryMay 12, 2015 - 12:00 a.m.

KLA10580 Multiple vulnerabilities in Microsoft products

2015-05-1200:00:00
Kaspersky Lab
threats.kaspersky.com
98

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.4

Confidence

High

EPSS

0.834

Percentile

98.5%

JSON

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges or obtain sensitive information.

Below is a complete list of vulnerabilities

  1. An unknown vulnerability can be exploited remotely via a specially designed XML data or specially designed application;
  2. Improper memory handling and other unknown vulnerability can be exploited locally via a specially designed application;
  3. Improper memory address validation can be exploited locally via a specially designed application or .msc file;
  4. Improper ASL usage can be exploited remotely via a specially designed web site;
  5. An weak encryption can be exploited remotely via an unknown vectors.

Original advisories

Microsoft bulletin

CVE-2015-1686

CVE-2015-1684

CVE-2015-1702

CVE-2015-1679

CVE-2015-1678

CVE-2015-1680

CVE-2015-1672

CVE-2015-1701

CVE-2015-1677

CVE-2015-1676

CVE-2015-1681

CVE-2015-1674

CVE-2015-1673

CVE-2015-1716

Exploitation

This vulnerability can be exploited by the following malware:

https://threats.kaspersky.com/en/threat/Exploit.Win32.CVE-2015-1701/

Public exploits exist for this vulnerability.

Related products

Microsoft-Windows-Vista-4

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Microsoft-Windows-Server-2003

Windows-RT

CVE list

CVE-2015-1686 warning

CVE-2015-1684 warning

CVE-2015-1702 high

CVE-2015-1679 warning

CVE-2015-1678 warning

CVE-2015-1680 warning

CVE-2015-1672 warning

CVE-2015-1701 high

CVE-2015-1677 warning

CVE-2015-1676 warning

CVE-2015-1681 warning

CVE-2015-1674 warning

CVE-2015-1673 critical

CVE-2015-1716 warning

KB list

3045171

3050941

3049563

3050946

3050945

3032655

3055642

3023221

3051768

3035490

3023219

3050514

3057263

3023211

3023213

3023215

3023217

3032662

3032663

3023220

3057134

3023222

3061518

3057191

3035489

3035488

3035487

3035486

3035485

3023223

3023224

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

  • RLF

Read Local Files. Exploitation of vulnerabilities with this impact can lead to reading some inaccessible files. Files that can be read depends on conсrete program errors.

Affected Products

  • Windows Server 2003 x86, x64, Itanium Service Pack 2Windows Vista x86, x64 Service Pack 2Windows Server 2008 x86, x64, Itanium Service Pack 2Windows 7 x86, x64 Service Pack 1Windows Server 2008 R2 x64, Itanium Service Pack 1Windows 8, 8.1 x86, x64Windows Server 2012Windows Server 2012 R2Windows RTWindows RT 8.1

References

Related

nessus 8
openvas 7
cvelist 14
mskb 4
exploitdb 3
prion 14
nvd 14
cve 14
securityvulns 1
checkpoint_advisories 7
zdi 8
symantec 14
metasploit 1
exploitpack 1
myhack58 2
zdt 2
canvas 1
fireeye 3
seebug 1
packetstorm 2
attackerkb 1
cisa_kev 1
threatpost 5
korelogic 1
thn 1
talosblog 1
trellix 2
kaspersky 1
githubexploit 2
nessus
nessus
MS15-051: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (3057191)
2015-05-12 00:00:00
MS15-048: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3057134)
2015-05-12 00:00:00
MS15-053: Vulnerabilities in JScript and VBScript Scripting Engines Could Allow Security Feature Bypass (3057263)
2015-05-12 00:00:00
openvas
openvas
Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerability (3045171)
2015-05-13 00:00:00
Microsoft .NET Framework Privilege Elevation Vulnerability (3057134)
2015-05-13 00:00:00
Microsoft Windows JScript & VBScript Security Bypass Vulnerability (3057263)
2015-05-13 00:00:00
cvelist
cvelist
CVE-2015-1676
2015-05-13 10:00:00
CVE-2015-1679
2015-05-13 10:00:00
CVE-2015-1678
2015-05-13 10:00:00
mskb
mskb
MS15-051: Vulnerabilities in Windows kernel-mode drivers could allow information disclosure: May 12, 2015
2015-05-12 00:00:00
MS15-053: Vulnerabilities in JScript and VBScript scripting engines could allow security feature bypass: May 12, 2015
2015-05-12 00:00:00
MS15-052: Vulnerability in Windows kernel could allow security feature bypass: May 12, 2015
2015-05-12 00:00:00
exploitdb
exploitdb
Microsoft Windows - Local Privilege Escalation (MS15-051)
2015-05-18 00:00:00
Microsoft Windows - ClientCopyImage Win32k (MS15-051) (Metasploit)
2015-06-24 00:00:00
Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass (MS15-052)
2015-05-18 00:00:00
prion
prion
Design/Logic Flaw
2015-05-13 10:59:00
Design/Logic Flaw
2015-05-13 10:59:00
Design/Logic Flaw
2015-05-13 10:59:00
nvd
nvd
CVE-2015-1680
2015-05-13 10:59:12
CVE-2015-1677
2015-05-13 10:59:09
CVE-2015-1679
2015-05-13 10:59:11
cve
cve
CVE-2015-1677
2015-05-13 10:59:09
CVE-2015-1680
2015-05-13 10:59:12
CVE-2015-1678
2015-05-13 10:59:10
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2015-05-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft .NET Framework Denial of Service (MS15-048: CVE-2015-1672)
2015-05-11 00:00:00
Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1686)
2015-05-12 00:00:00
Microsoft Internet Explorer VBScript Memory Corruption (MS15-053: CVE-2015-1684)
2015-06-07 00:00:00
zdi
zdi
Microsoft Windows NtUserRealInternalGetMessage Stack Information Disclosure Vulnerability
2015-05-12 00:00:00
Microsoft Windows NtUserGetTitleBarInfo Information Disclosure Vulnerability
2015-05-12 00:00:00
Microsoft Windows VBScript Regular Expression Information Disclosure Vulnerability
2015-05-12 00:00:00
symantec
symantec
Microsoft .NET Framework CVE-2015-1673 Remote Privilege Escalation Vulnerability
2015-05-12 00:00:00
Microsoft Windows Service Control Manager CVE-2015-1702 Remote Privilege Escalation Vulnerability
2015-05-12 00:00:00
Microsoft Windows Kernel Mode Driver CVE-2015-1677 Local Information Disclosure Vulnerability
2015-05-12 00:00:00
metasploit
metasploit
Windows ClientCopyImage Win32k Exploit
2015-06-03 11:48:23
exploitpack
exploitpack
Microsoft Windows - Local Privilege Escalation (MS15-051)
2015-05-18 00:00:00
myhack58
myhack58
Win32k elevation of privilege vulnerability, CVE-2 0 1 5-1 7 0 1-exp-vulnerability warning-the black bar safety net
2015-05-24 00:00:00
About 1 5 years 5 months to repair the two 0day-vulnerability warning-the black bar safety net
2015-05-13 00:00:00
zdt
zdt
Microsoft Windows ClientCopyImage Improper Object Handling Exploit
2015-06-23 00:00:00
Cellebrite UFED 7.5.0.845 Desktop Escape / Privilege Escalation Vulnerability
2020-05-14 00:00:00
canvas
canvas
Immunity Canvas: MS15_051
2015-04-21 10:59:00
fireeye
fireeye
Lessons from Operation RussianDoll
2016-03-09 11:00:00
The EPS Awakens - Part 2
2015-12-20 19:45:00
The EPS Awakens
2015-12-16 08:00:00
seebug
seebug
MS15-051 Win32k ClientCopyImage Elevation of Privilege Vulnerability (CVE-2015-1701)
2017-04-25 00:00:00
packetstorm
packetstorm
Microsoft Windows ClientCopyImage Improper Object Handling
2015-06-22 00:00:00
Cellebrite UFED 7.5.0.845 Desktop Escape / Privilege Escalation
2020-05-14 00:00:00
attackerkb
attackerkb
CVE-2015-1701
2015-04-21 00:00:00
cisa_kev
cisa_kev
Microsoft Win32k Privilege Escalation Vulnerability
2022-03-03 00:00:00
threatpost
threatpost
APT Groups Exploiting Patch Microsoft Office Flaw CVE-2015-2545
2016-05-25 12:58:57
Malware Dropper Built to Target European Energy Company
2016-07-12 09:31:54
Researchers Crack Furtim, SFG Malware Connection
2016-07-18 13:26:09
korelogic
korelogic
Cellebrite Restricted Desktop Escape and Escalation of User Privilege
2020-05-14 00:00:00
thn
thn
State-Sponsored SCADA Malware targeting European Energy Companies
2016-07-13 00:12:00
talosblog
talosblog
China Chopper still active 9 years later
2019-08-27 08:14:42
trellix
trellix
Take a "NetWalk" on the Wild Side
2020-08-03 00:00:00
Take a "NetWalk" on the Wild Side
2020-08-03 00:00:00
kaspersky
kaspersky
KLA10579 Multiple vulnerabilities in Microsoft Internet Explorer
2015-05-12 00:00:00
githubexploit
githubexploit
Exploit for CVE-2014-4210
2022-03-19 01:54:15
Exploit for CVE-2014-4210
2022-03-19 01:54:15

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.4

Confidence

High

EPSS

0.834

Percentile

98.5%

JSON
Related for KLA10580
nessus8openvas7cvelist14mskb4exploitdb3prion14nvd14cve14securityvulns1checkpoint_advisories7zdi8symantec14metasploit1exploitpack1myhack582zdt2canvas1fireeye3seebug1packetstorm2attackerkb1cisa_kev1threatpost5korelogic1thn1talosblog1trellix2kaspersky1githubexploit2