VAR-201501-0425
Vulnerability from variot - Updated: 2023-12-18 12:07The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light protection mechanism and read the contents of arbitrary process-memory locations by leveraging administrative privileges, aka "Windows Error Reporting Security Feature Bypass Vulnerability.". Samsungwssyncmlnps is a software update service in Samsung's smartphones in South Korea. Kiesrestore is one of the system recovery features. A directory traversal vulnerability exists in Kiesrestore in versions prior to Samsungwssyncmlnps2015-10-31. An attacker could exploit this vulnerability to write to any file. Local attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Successful exploits may lead to other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201501-0425",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "windows server 2012",
"scope": "eq",
"trust": 2.4,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows rt",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows rt 8.1",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems sp2 (server core install )"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems sp2 (server core install )"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2 for x64-based systems sp1 (server core install )"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core install )"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2 (server core install )"
},
{
"model": "wssyncmlnps",
"scope": "lt",
"trust": 0.6,
"vendor": "samsung",
"version": "2015-10-31"
},
{
"model": "windows vista service pack",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20"
},
{
"model": "windows server r2 for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "windows server for itanium-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "windows server itanium sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07229"
},
{
"db": "BID",
"id": "71927"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001030"
},
{
"db": "NVD",
"id": "CVE-2015-0001"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-249"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:x64:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_rt:-:gold:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:gold:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0001"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alex Ionescu of Winsider Seminars \u0026 Solutions Inc. and CrowdStrike Inc.",
"sources": [
{
"db": "BID",
"id": "71927"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0001",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 1.9,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-0001",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CNVD-2017-07229",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-0001",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2017-07229",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201501-249",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07229"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001030"
},
{
"db": "NVD",
"id": "CVE-2015-0001"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-249"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light protection mechanism and read the contents of arbitrary process-memory locations by leveraging administrative privileges, aka \"Windows Error Reporting Security Feature Bypass Vulnerability.\". Samsungwssyncmlnps is a software update service in Samsung\u0027s smartphones in South Korea. Kiesrestore is one of the system recovery features. A directory traversal vulnerability exists in Kiesrestore in versions prior to Samsungwssyncmlnps2015-10-31. An attacker could exploit this vulnerability to write to any file. \nLocal attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Successful exploits may lead to other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0001"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001030"
},
{
"db": "CNVD",
"id": "CNVD-2017-07229"
},
{
"db": "BID",
"id": "71927"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0001",
"trust": 3.3
},
{
"db": "BID",
"id": "71927",
"trust": 1.3
},
{
"db": "PACKETSTORM",
"id": "134392",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "62134",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001030",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-07229",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201501-249",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07229"
},
{
"db": "BID",
"id": "71927"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001030"
},
{
"db": "NVD",
"id": "CVE-2015-0001"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-249"
}
]
},
"id": "VAR-201501-0425",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07229"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07229"
}
]
},
"last_update_date": "2023-12-18T12:07:39.468000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS15-006",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms15-006"
},
{
"title": "MS15-006",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms15-006"
},
{
"title": "Samsungwssyncmlnps directory traversal vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/94084"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07229"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001030"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001030"
},
{
"db": "NVD",
"id": "CVE-2015-0001"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/134392/microsoft-windows-8.1-ahcache.sys-ntapphelpcachecontrol-privilege-escalation.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/62134"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/71927"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-006"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99513"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99514"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0001"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150114-ms.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150001.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0001"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15213"
},
{
"trust": 0.6,
"url": "https://github.com/ud2/advisories/tree/master/android/samsung/nocve-2015-0001"
},
{
"trust": 0.6,
"url": "http://technet.microsoft.com/security/bulletin/ms15-006"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07229"
},
{
"db": "BID",
"id": "71927"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001030"
},
{
"db": "NVD",
"id": "CVE-2015-0001"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-249"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-07229"
},
{
"db": "BID",
"id": "71927"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001030"
},
{
"db": "NVD",
"id": "CVE-2015-0001"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-249"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-07229"
},
{
"date": "2015-01-13T00:00:00",
"db": "BID",
"id": "71927"
},
{
"date": "2015-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001030"
},
{
"date": "2015-01-13T22:59:00.050000",
"db": "NVD",
"id": "CVE-2015-0001"
},
{
"date": "2015-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-249"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-07229"
},
{
"date": "2015-01-13T00:00:00",
"db": "BID",
"id": "71927"
},
{
"date": "2015-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001030"
},
{
"date": "2018-10-12T22:07:48.240000",
"db": "NVD",
"id": "CVE-2015-0001"
},
{
"date": "2015-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-249"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "71927"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-249"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Microsoft Windows Product Windows Error Reporting In the component Protected Process Light Vulnerabilities that circumvent protection mechanisms",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001030"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-249"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…