CVE-2015-1701: CVE-2015-1701

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-1701

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Microsoft Windows Win32k 特权提升漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Microsoft Windows是美国微软（Microsoft）公司发布的一系列操作系统。当Microsoft Windows Win32k.sys内核模式驱动程序不正确地处理内存中的对象时，存在一个特权提升漏洞。成功利用此漏洞的攻击者可以运行内核模式中的任意代码。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。以下系统受到影响：Microsoft Windows Server 2003 SP2，Vista SP2，Server 2008 SP2。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2015-1701

#	POC Description	Source Link	Shenlong Link
1	Win32k LPE vulnerability used in APT attack	https://github.com/hfiref0x/CVE-2015-1701	POC Details
2	Unspecified vulnerability in Microsoft Windows before 8 allows local users to gain privileges via unknown vectors, as exploited in the wild in April 2015 (Base Score: 7.2 HIGH) Current Description Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability	https://github.com/Anonymous-Family/CVE-2015-1701	POC Details
3	None	https://github.com/Anonymous-Family/CVE-2015-1701-download	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2015-1701

Please Login to view more intelligence information

http://twitter.com/symantec/statuses/590208710527549440x_refsource_MISC
https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.htmlx_refsource_MISC
http://www.securityfocus.com/bid/74245vdb-entryx_refsource_BID
https://www.exploit-db.com/exploits/37049/exploitx_refsource_EXPLOIT-DB
https://www.exploit-db.com/exploits/37367/exploitx_refsource_EXPLOIT-DB
http://www.securitytracker.com/id/1032155vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-051vendor-advisoryx_refsource_MS
http://seclists.org/fulldisclosure/2020/May/34mailing-listx_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2015-1701

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2015-1701

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2015-1701

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2015-1701

III. Intelligence Information for CVE-2015-1701

New Vulnerabilities

V. Comments for CVE-2015-1701

Leave a comment