NVD

Id
24577  
Name
CVE-2015-2553  
Description
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles junctions during mountpoint creation, which makes it easier for local users to gain privileges by leveraging certain sandbox access, aka "Windows Mount Point Elevation of Privilege Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2015-10-13  
Modified Date
2016-12-12  
Seq
2015-2553  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
129535 24577 CVE-2015-2553 http://packetstormsecurity.com/files/133971/Windows-Sandboxed-Mount-Reparse-Point-Creation-Mitigation-Bypass.html  View
129536 24577 CVE-2015-2553 MS15-111  View
129537 24577 CVE-2015-2553 1033805  View
129538 24577 CVE-2015-2553 38474  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
9909 JVNDB-2015-005229 複数の Microsoft Windows 製品のカーネルにおける権限昇格の脆弱性 複数の Microsoft Windows 製品のカーネルは、マウントポイントの作成時にジャンクションを誤って処理するため、権限を取得される脆弱性が存在します。 CVE-2015-2553 79778 CVE-2015-2553 24577 7.2 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-005229.html 2015-10-13 2015-10-16 View