QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2015-1674

Back to search

CVE-2015-1674

Published: May 13, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate an unspecified address, which allows local users to bypass the KASLR protection mechanism, and consequently discover the cng.sys base address, via a crafted application, aka "Windows Kernel Security Feature Bypass Vulnerability."

VendorProductVersions

n/a

n/a

affected
n/a

References

1032292
vdb-entry
x_refsource_SECTRACK
37052
exploit
x_refsource_EXPLOIT-DB
74488
vdb-entry
x_refsource_BID
MS15-052
vendor-advisory
x_refsource_MS

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now