Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-0002: Microsoft Windows Server 2008 vulnerability

CWE-264 | 16 documents | 9 sources
Severity: 7.2 HIGH (NVD)
EPSS: 38.2% (top 2.76%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: published Jan 13; latest update May 14

Description

The AhcVerifyAdminContext function in ahcache.sys in the Application Compatibility component in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not verify that an impersonation token is associated with an administrative account, which allows local users to gain privileges by running AppCompatCache.exe with a crafted DLL file, aka MSRC ID 20544 or "Microsoft Application Compatibility Infrastructure Elev

CVSS vector

AV:L/AC:L/C:C/I:C/A:C
Exploitability: 3.9 | Impact: 10.0

Affected Packages: 1 package

🔴 Vulnerability Details (2)

GHSA: GHSA-jmf2-h3mv-m742: The AhcVerifyAdminContext function in ahcache (2022-05-14)
Project0: A Token’s Tale - Project Zero (2015-02-01)

💥 Exploits & PoCs (3)

Exploit-DB: Android WiFi-Direct - Denial of Service (2015-01-26)
Exploit-DB: Microsoft Windows 8.1 (x86/x64) - 'ahcache.sys' NtApphelpCacheControl Privilege Escalation (2015-01-01)
Metasploit: MS15-001 Microsoft Windows NtApphelpCacheControl Improper Authorization Check

📋 Vendor Advisories (1)

VMware: VMware vSphere Data Protection product update addresses a certificate validation vulnerability. (2015-01-29)

🕵️ Threat Intelligence (3)

Talos: Microsoft Update Tuesday January 2015: Another Light Month, No IE Bulletins, More Changes to Reporting (2015-01-13)
Talos: Microsoft Update Tuesday January 2015: Another Light Month, No IE Bulletins, More Changes to Reporting (2015-01-13)
Zscaler: Zscaler found Multiple Security Vulnerabilities | 01-13-2015

💬 Community (5)

Bugzilla: xscreensaver: Unplugging HDMI cable can cause lock bypass (2015-10-29)
Bugzilla: CVE-2015-2155 tcpdump: force printer vulnerability (2015-03-13)
Bugzilla: CVE-2015-2154 tcpdump: ethernet printer osi_print_cksum() missing sanity checks out-of-bounds read (2015-03-13)
Bugzilla: CVE-2015-2153 tcpdump: tcp printer rpki_rtr_pdu_print() missing length check (2015-03-13)
Bugzilla: CVE-2015-1779 qemu: vnc: insufficient resource limiting in VNC websockets decoder (2015-03-06)