Sign-up

ID

VAR-201501-0425


CVE

CVE-2015-0001


TITLE

plural Microsoft Windows Product Windows Error Reporting In the component Protected Process Light Vulnerabilities that circumvent protection mechanisms

Trust: 0.8

sources: JVNDB: JVNDB-2015-001030

DESCRIPTION

The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light protection mechanism and read the contents of arbitrary process-memory locations by leveraging administrative privileges, aka "Windows Error Reporting Security Feature Bypass Vulnerability.". Samsungwssyncmlnps is a software update service in Samsung's smartphones in South Korea. Kiesrestore is one of the system recovery features. A directory traversal vulnerability exists in Kiesrestore in versions prior to Samsungwssyncmlnps2015-10-31. An attacker could exploit this vulnerability to write to any file. Local attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Successful exploits may lead to other attacks

Trust: 2.43

sources: NVD: CVE-2015-0001 // JVNDB: JVNDB-2015-001030 // CNVD: CNVD-2017-07229 // BID: 71927

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-07229

AFFECTED PRODUCTS

vendor:microsoftmodel:windows server 2012scope:eqversion:r2

Trust: 2.4

vendor:microsoftmodel:windows server 2012scope:eqversion: -

Trust: 1.6

vendor:microsoftmodel:windows 8.1scope:eqversion: -

Trust: 1.6

vendor:microsoftmodel:windows 8scope:eqversion: -

Trust: 1.6

vendor:microsoftmodel:windows rtscope:eqversion: -

Trust: 1.6

vendor:microsoftmodel:windows rt 8.1scope:eqversion: -

Trust: 1.6

vendor:microsoftmodel:windows 8scope:eqversion:for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 8scope:eqversion:for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 8.1scope:eqversion:for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 8.1scope:eqversion:for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows rtscope: - version: -

Trust: 0.8

vendor:microsoftmodel:windows rt 8.1scope: - version: -

Trust: 0.8

vendor:microsoftmodel:windows server 2008scope:eqversion:for 32-bit systems sp2 (server core install )

Trust: 0.8

vendor:microsoftmodel:windows server 2008scope:eqversion:for x64-based systems sp2 (server core install )

Trust: 0.8

vendor:microsoftmodel:windows server 2008scope:eqversion:r2 for x64-based systems sp1 (server core install )

Trust: 0.8

vendor:microsoftmodel:windows server 2012scope:eqversion:none

Trust: 0.8

vendor:microsoftmodel:windows server 2012scope:eqversion:(server core install )

Trust: 0.8

vendor:microsoftmodel:windows server 2012scope:eqversion:r2 (server core install )

Trust: 0.8

vendor:samsungmodel:wssyncmlnpsscope:ltversion:2015-10-31

Trust: 0.6

vendor:microsoftmodel:windows vista service packscope:eqversion:20

Trust: 0.3

vendor:microsoftmodel:windows server r2 for x64-based systems sp1scope:eqversion:2008

Trust: 0.3

vendor:microsoftmodel:windows server for x64-based systems sp2scope:eqversion:2008

Trust: 0.3

vendor:microsoftmodel:windows server for itanium-based systems sp2scope:eqversion:2008

Trust: 0.3

vendor:microsoftmodel:windows server for 32-bit systems sp2scope:eqversion:2008

Trust: 0.3

vendor:microsoftmodel:windows server itanium sp2scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows server sp2scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows for x64-based systems sp1scope:eqversion:7

Trust: 0.3

vendor:microsoftmodel:windows for 32-bit systems sp1scope:eqversion:7

Trust: 0.3

sources: CNVD: CNVD-2017-07229 // BID: 71927 // JVNDB: JVNDB-2015-001030 // CNNVD: CNNVD-201501-249 // NVD: CVE-2015-0001

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-0001
value: LOW

Trust: 1.0

NVD: CVE-2015-0001
value: LOW

Trust: 0.8

CNVD: CNVD-2017-07229
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201501-249
value: LOW

Trust: 0.6

nvd@nist.gov: CVE-2015-0001
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-07229
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2017-07229 // JVNDB: JVNDB-2015-001030 // CNNVD: CNNVD-201501-249 // NVD: CVE-2015-0001

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.8

sources: JVNDB: JVNDB-2015-001030 // NVD: CVE-2015-0001

THREAT TYPE

local

Trust: 0.9

sources: BID: 71927 // CNNVD: CNNVD-201501-249

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201501-249

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-001030

PATCH
title:MS15-006url:https://technet.microsoft.com/en-us/library/security/ms15-006
Trust: 0.8
title:MS15-006url:https://technet.microsoft.com/ja-jp/library/security/ms15-006
Trust: 0.8
title:Samsungwssyncmlnps directory traversal vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/94084
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-07229 // 
            
            
            
            JVNDB: JVNDB-2015-001030

EXTERNAL IDS
db:NVDid:CVE-2015-0001
Trust: 3.3
db:BIDid:71927
Trust: 1.3
db:SECUNIAid:62134
Trust: 1.0
db:PACKETSTORMid:134392
Trust: 1.0
db:JVNDBid:JVNDB-2015-001030
Trust: 0.8
db:CNVDid:CNVD-2017-07229
Trust: 0.6
db:CNNVDid:CNNVD-201501-249
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-07229 // 
            
            
            
            BID: 71927 // 
            
            
            
            JVNDB: JVNDB-2015-001030 // 
            
            
            
            CNNVD: CNNVD-201501-249 // 
            
            
            
            NVD: CVE-2015-0001

REFERENCES
url:http://packetstormsecurity.com/files/134392/microsoft-windows-8.1-ahcache.sys-ntapphelpcachecontrol-privilege-escalation.html
Trust: 1.0
url:http://secunia.com/advisories/62134
Trust: 1.0
url:http://www.securityfocus.com/bid/71927
Trust: 1.0
url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-006
Trust: 1.0
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/99513
Trust: 1.0
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/99514
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0001
Trust: 0.8
url:http://www.ipa.go.jp/security/ciadr/vul/20150114-ms.html
Trust: 0.8
url:http://www.jpcert.or.jp/at/2015/at150001.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0001
Trust: 0.8
url:http://www.npa.go.jp/cyberpolice/topics/?seq=15213
Trust: 0.8
url:https://github.com/ud2/advisories/tree/master/android/samsung/nocve-2015-0001
Trust: 0.6
url:http://technet.microsoft.com/security/bulletin/ms15-006
Trust: 0.6
url:http://www.microsoft.com
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-07229 // 
            
            
            
            BID: 71927 // 
            
            
            
            JVNDB: JVNDB-2015-001030 // 
            
            
            
            CNNVD: CNNVD-201501-249 // 
            
            
            
            NVD: CVE-2015-0001

CREDITS
Alex Ionescu of Winsider Seminars & Solutions Inc. and CrowdStrike Inc.
Trust: 0.3
sources:
            
            
            BID: 71927

SOURCES
db:CNVDid:CNVD-2017-07229
db:BIDid:71927
db:JVNDBid:JVNDB-2015-001030
db:CNNVDid:CNNVD-201501-249
db:NVDid:CVE-2015-0001

LAST UPDATE DATE
2024-08-14T14:33:38.329000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-07229date:2017-05-23T00:00:00
db:BIDid:71927date:2015-01-13T00:00:00
db:JVNDBid:JVNDB-2015-001030date:2015-01-15T00:00:00
db:CNNVDid:CNNVD-201501-249date:2015-01-15T00:00:00
db:NVDid:CVE-2015-0001date:2018-10-12T22:07:48.240

SOURCES RELEASE DATE
db:CNVDid:CNVD-2017-07229date:2017-05-23T00:00:00
db:BIDid:71927date:2015-01-13T00:00:00
db:JVNDBid:JVNDB-2015-001030date:2015-01-15T00:00:00
db:CNNVDid:CNNVD-201501-249date:2015-01-15T00:00:00
db:NVDid:CVE-2015-0001date:2015-01-13T22:59:00.050