CVE-2015-2433
Published 2015-08-15
Priority: P4 27 | low | 2.1 (CVSS 2.0)
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 18.40% (96.9th percentile)
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR Bypass Vulnerability."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
No detection rules found.
Exploit-DB
Microsoft Windows - Font Driver Buffer Overflow (MS15-078) (Metasploit)
exploitdb·2015-09-17
---
```ruby
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/post/windows/reflective_dll_injection'
require 'rex'
class Metasploit3 'MS15-078 Microsoft Windows Font Driver Buffer Overflow',
'Description' => %q{
This module exploits a pool based buffer overflow in the atmfd.dll driver when parsing
a malformed font. The vulnerability was exploited by the hacking team and disclosed on
the july data leak. This module has been tested successfully on vulnerable builds of
Windows 8.1 x64.
},
'License' => MSF_LICENSE,
'Author' => [
'Eugene Ching', # vulnerability discovery and exploit
'Mateusz Jurczyk', # vu
```
Metasploit
MS15-078 Microsoft Windows Font Driver Buffer Overflow
metasploit
This module exploits a pool based buffer overflow in the atmfd.dll driver when parsing a malformed font. The vulnerability was exploited by the hacking team and disclosed in the July data leak. This module has been tested successfully on vulnerable builds of Windows 8.1 x64.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/76213
http://www.securitytracker.com/id/1033238
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080
https://www.exploit-db.com/exploits/38222/