CVE-2015-6102

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Server 2008; Windows Server 2012; Windows Rt; Windows 10
Vendor: CVE Published:; 11 November 2015

Summary

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Windows Kernel Memory Information Disclosure Vulnerability."

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://www.exploit-db.com/exploits/38794/

exploitx_refsource_EXPLOIT-DB

http://www.securitytracker.com/id/1034114

vdb-entryx_refsource_SECTRACK

EPSS Score

84% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 11, 2015
Vulnerability Reserved
Aug 14, 2015

Collectors

NVD DatabaseMitre Database