Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0011

Overview

Vulnerability Score 4.7 4.7
CVE Id CVE-2015-0011
Last Modified 14 Jan 2015 04:24:55
Published 13 Jan 2015 05:59:04
Confidentiality Impact NONE NONE
Integrity Impact COMPLETE COMPLETE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2015-0011

Summary

mrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass an impersonation protection mechanism, and obtain privileges for redirection of WebDAV requests, via a crafted application, aka "WebDAV Elevation of Privilege Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 7 -

  • Microsoft Windows 8 -

  • Microsoft Windows 8.1 -

  • Microsoft Windows Rt -

  • Microsoft Windows Rt 8.1 -

  • Microsoft Windows Server 2003

  • Microsoft Windows Server 2008 -

  • Microsoft Windows Server 2008 R2

  • Microsoft Windows Server 2012 -

  • Microsoft Windows Server 2012 R2


References

MS - MS15-008

Related Patches

MS15-008 Security Update for Windows Server 2003 (KB3019215)

MS15-008 Security Update for Windows Vista (KB3019215)

MS15-008 Security Update for Windows Server 2008 (KB3019215)

MS15-008 Security Update for Windows Server 2003 x64 (KB3019215)

MS15-008 Security Update for Windows Server 2008 x64 (KB3019215)

MS15-008 Security Update for Windows Vista x64 (KB3019215)

MS15-008 Security Update for WEPOS and POSReady 2009 (KB3019215)


Last Updated: 27 May 2016 11:07:32