NVD

Id
22612  
Name
CVE-2015-0076  
Description
The photo-decoder implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly initialize memory for rendering of JXR images, which allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "JPEG XR Parser Information Disclosure Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2015-03-11  
Modified Date
2015-09-10  
Seq
2015-0076  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
119711 22612 CVE-2015-0076 MS15-029  View
119712 22612 CVE-2015-0076 72918  View
119713 22612 CVE-2015-0076 1031894  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
6423 JVNDB-2015-001743 複数の Microsoft Windows 製品のフォトデコーダーの実装におけるプロセスメモリから重要な情報を取得される脆弱性 複数の Microsoft Windows 製品のフォトデコーダーの実装は、JXR 画像のレンダリング用メモリを適切に初期化しないため、プロセスメモリから重要な情報を取得される脆弱性が存在します。 CVE-2015-0076 77287 CVE-2015-0076 22612 4.3 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-001743.html 2015-03-10 2015-03-12 View