CVE-2015-6132

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Server 2008; Windows Server 2012; Windows Rt; Windows 10
Vendor: CVE Published:; 9 December 2015

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 87%

Summary

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2015-6132
Created by hexx0r

References

https://www.exploit-db.com/exploits/38968/

exploitx_refsource_EXPLOIT-DB

http://www.securitytracker.com/id/1034338

vdb-entryx_refsource_SECTRACK

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

87% chance of being exploited in the next 30 days.

Timeline

🟡
Public PoC available
May 14, 2016
👾
Exploit known to exist
May 14, 2016
Vulnerability published
Dec 9, 2015
Vulnerability Reserved
Aug 14, 2015

Collectors

NVD DatabaseMitre Database1 Proof of Concept(s)