Untrusted Search Path Vulnerability in Microsoft Windows Media Device Manager
CVE-2015-2369

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows Server 2008
Windows 7
Windows Vista
Windows 2003 Server
Vendor
CVE Published:
14 July 2015

What is CVE-2015-2369?

The untrusted search path vulnerability in Windows Media Device Manager affects several Windows operating systems and allows local users to exploit a weakness by embedding a Trojan horse DLL in the current working directory. This may lead to unauthorized privilege escalation, as the system might execute the malicious DLL rather than the legitimate one. The risk is particularly pressing when unverified files are accessible in directories containing .rtf files, facilitating potential remote code execution.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1032898
vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.