Use-after-free Vulnerability in Microsoft Windows Products
CVE-2015-1720

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Server 2008; Windows Server 2012; Windows Rt; Windows Server 2003
Vendor: CVE Published:; 10 June 2015

Summary

This vulnerability allows local users to exploit a use-after-free condition present in the kernel-mode drivers of various Microsoft Windows versions. By leveraging this flaw through a specially crafted application, attackers can escalate their privileges, potentially allowing unauthorized actions within the system. A comprehensive review of affected systems includes several versions of Windows Server, Vista, and Windows 7 through 8.1, underscoring the urgency for users to apply the relevant security updates provided by Microsoft.

References

http://www.securitytracker.com/id/1032525

vdb-entryx_refsource_SECTRACK

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

Timeline

Vulnerability published
Jun 10, 2015
Vulnerability Reserved
Feb 17, 2015