CVE-2015-1645
published 2015-04-14CVE-2015-1645: Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to execute arbitrary code…
PriorityP263critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
25.45%
97.7th percentile
Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to execute arbitrary code via a crafted Enhanced Metafile (EMF) image, aka "EMF Processing Remote Code Execution Vulnerability."
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2008 | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday for April 2015: 11 Bulletins Released
blogs_talos·2015-04-14·CVSS 9.8
[CRITICAL] Microsoft Patch Tuesday for April 2015: 11 Bulletins Released
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 11 bulletins being released which address 26 CVEs. The first 4 bulletins are rated Critical and address vulnerabilities within Internet Explorer, Office, IIS, and Graphics Component. The remaining 7 bulletins are rated Important and cover vulnerabilities within SharePoint, Task Scheduler, Windows, XML Core Services, Active Directory, .NET, and Hyper-V.
### Bulletins Rated CriticalMS15-032, MS15-033, MS15-034, and MS15-035 are rated Critical.
MS15-032 is this month’s Internet Explorer security bulletin with vulnerabilities in versions 6 through 11 being addressed. This month, 10 CVEs were addressed with the majority
Talos
Microsoft Patch Tuesday for April 2015: 11 Bulletins Released
blogs_talos·2015-04-14·CVSS 9.8
[CRITICAL] Microsoft Patch Tuesday for April 2015: 11 Bulletins Released
## Microsoft Patch Tuesday for April 2015: 11 Bulletins Released
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 11 bulletins being released which address 26 CVEs. The first 4 bulletins are rated Critical and address vulnerabilities within Internet Explorer, Office, IIS, and Graphics Component. The remaining 7 bulletins are rated Important and cover vulnerabilities within SharePoint, Task Scheduler, Windows, XML Core Services, Active Directory, .NET, and Hyper-V.
## Bulletins Rated Critical MS15-032, MS15-033, MS15-034, and MS15-035 are rated Critical.
MS15-032 is this month’s Internet Explorer security bulletin with vulnerabilities in versions 6 through 11 bein
http://packetstormsecurity.com/files/131457/Microsoft-Windows-GDI-MRSETDIBITSTODEVICE-bPlay-EMF-Parsing-Memory-Corruption.htmlhttp://www.securityfocus.com/archive/1/535272/100/0/threadedhttp://www.securitytracker.com/id/1032110https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-035http://packetstormsecurity.com/files/131457/Microsoft-Windows-GDI-MRSETDIBITSTODEVICE-bPlay-EMF-Parsing-Memory-Corruption.htmlhttp://www.securityfocus.com/archive/1/535272/100/0/threadedhttp://www.securitytracker.com/id/1032110https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-035
2015-04-14
Published