CVE-2015-2382
Published Jul 14, 2015
Last updated 6 years ago
Overview
- Description
- win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2381.
- Source
- secure@microsoft.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABC7A32C-4A4A-4533-B42E-350E728ADFEB"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:datacenter:*:*:*",
"vulnerable": true,
"matchCriteriaId": "32BCD530-F6E2-4F9B-AD4C-7DF2BED00296"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:essentials:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1318333-EF3A-4DBA-8DD7-367BF843F70D"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:standard:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74B5E7C1-6C1D-4605-91CF-AF105EFA678D"
}
],
"operator": "OR"
}
]
}
]