Windows Operating Systems Vulnerability Allowing Local Privilege Escalation
CVE-2015-2478

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Server 2008; Windows Server 2012; Windows Rt; Windows 10
Vendor: CVE Published:; 11 November 2015

Summary

This vulnerability in Microsoft Windows allows local users to exploit a crafted application that interacts with the Winsock API by referencing an invalid address. Successful exploitation could enable an attacker to gain elevated privileges on the system, potentially leading to unauthorized actions or access within the affected operating systems.

References

http://www.securitytracker.com/id/1034121

vdb-entryx_refsource_SECTRACK

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

Timeline

Vulnerability published
Nov 11, 2015
Vulnerability Reserved
Mar 19, 2015