Vulnerability CVE-2015-0002

Vulnerability CVE-2015-0002

Published: 2015-01-13 Modified: 2015-01-14

Description:

The AhcVerifyAdminContext function in ahcache.sys in the Application Compatibility component in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not verify that an impersonation token is associated with an administrative account, which allows local users to gain privileges by running AppCompatCache.exe with a crafted DLL file, aka MSRC ID 20544 or "Microsoft Application Compatibility Infrastructure Elevation of Privilege Vulnerability."

See advisories in our WLB2 database:

	Topic	Author	Date
High	Microsoft Windows NtApphelpCacheControl Improper Authorization Check	sinn3r	18.01.2015

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.2/10	10/10	3.9/10

Exploit range	Attack complexity	Authentication
Local	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Complete	Complete	Complete

Affected software
Microsoft -> Windows 7
Microsoft -> Windows 8
Microsoft -> Windows 8.1
Microsoft -> Windows rt
Microsoft -> Windows rt 8.1
Microsoft -> Windows server 2008
Microsoft -> Windows server 2012

References:

http://secunia.com/advisories/61277

http://twitter.com/sambowne/statuses/550384131683520512

http://www.securityfocus.com/bid/71972

http://www.zdnet.com/article/google-discloses-unpatched-windows-vulnerability/

https://code.google.com/p/google-security-research/issues/detail?id=118

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-001

https://exchange.xforce.ibmcloud.com/vulnerabilities/99523

https://exchange.xforce.ibmcloud.com/vulnerabilities/99524

Copyright 2024, cxsecurity.com