CVE-2015-0079 — Microsoft Windows Server 2012 vulnerability

CWE-3997 documents4 sources

Severity

7.8HIGHNVD

EPSS

23.0%

top 4.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows Server 2012

Timeline

PublishedMar 11

Latest updateMay 14

Description

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to cause a denial of service (memory consumption and RDP outage) by establishing many RDP sessions that do not properly free allocated memory, aka "Remote Desktop Protocol (RDP) Denial of Service Vulnerability."

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDmicrosoft/windowsr2

Patches

Patch: docs.microsoft.com ↗Patch: docs.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-q865-r3r3-2mgh: The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8↗2022-05-14

▶

🕵️Threat Intelligence

Talos

Microsoft Patch Tuesday for March 2015: 14 Bulletins Released; FREAK Patched↗2015-03-10

▶

Talos

Microsoft Patch Tuesday for March 2015: 14 Bulletins Released; FREAK Patched↗2015-03-10

▶

💬Community

Bugzilla

CVE-2015-0406 Oracle JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment)↗2015-01-20

▶

Bugzilla

CVE-2015-0413 Oracle JDK: unspecified vulnerability fixed in 7u75 and 8u31 (Serviceability)↗2015-01-20

▶