MS15-119  Security Update for Winsock to Address Elevation of Privilege

2015-11-10 This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to a target system and runs specially crafted code that is designed to exploit the vulnerability.
Vulnerabilities addressed in this bulletin:
Winsock Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Microsoft Windows when Winsock makes a call to a memory address without verifying that the address is valid. An attacker who successfully exploited this vulnerability could gain elevated privileges on a targeted system.
CVE-2015-2478

Bulletin details at Microsoft.com

Related CVE Entries

CVE-2015-2478

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application that triggers a Winsock call referencing an invalid address, aka "Winsock Elevation of Privilege Vulnerability."
Max CVSS
7.2
EPSS Score
0.05%
Published
2015-11-11
Updated
2019-05-15
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close