QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2015-2527

Back to search

CVE-2015-2527

Published: Sep 9, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

VendorProductVersions

n/a

n/a

affected
n/a

References

1033485
vdb-entry
x_refsource_SECTRACK
76599
vdb-entry
x_refsource_BID
MS15-097
vendor-advisory
x_refsource_MS
38199
exploit
x_refsource_EXPLOIT-DB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now