SB2015081103 - Multiple vulnerabilities in Microsoft Windows

Main Vulnerability Database SB2015081103

SB2015081103 - Multiple vulnerabilities in Microsoft Windows

Published: August 11, 2015 Updated: February 10, 2017

Security Bulletin ID SB2015081103

Severity

High

Patch available

YES

Number of vulnerabilities 16

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 16 secuirty vulnerabilities.

1) Security bypass (CVE-ID: CVE-2015-2465)

The vulnerabiity allows a local attacker to bypass security restrictions on the target system.

The weakness exists due to improper validation and enforcement of impersonation levels by Windows shell. A local attacker can create a specially crafted application, execute it on the system, bypass impersonation-level security and gain elevated privileges.

Successful exploitation of this vulnerability may result in privilege escalation on the vulnerable system.

2) Security bypass (CVE-ID: CVE-2015-2454)

The vulnerabiity allows a local attacker to bypass security restrictions on the target system.

The weakness exists due to improper validation and enforcement of impersonation levels by Windows kernel-mode driver. A local attacker can create a specially crafted application, execute it on the system, bypass impersonation-level security and gain elevated privileges.

Successful exploitation of this vulnerability may result in privilege escalation on the vulnerable system.

3) Security bypass (CVE-ID: CVE-2015-2433)

The vulnerabiity allows a local attacker to bypass security restrictions on the target system.

The weakness exists due to improper initialization of a memory address by Windows kernel. A local attacker can create a specially crafted application, execute it on the system, bypass Kernel Address Space Layout Randomization (KASLR) and obtain arbitrary information.

Successful exploitation of this vulnerability results in disclosure of sensitive information.

4) Privilege escalation (CVE-ID: CVE-2015-2453)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists due to improper validation of permissions. A local attacker can create a specially crafted application, execute it during a subsequent user's login session, gain elevated privileges and obtain potentially sensitive information.

Successful exploitation of this vulnerability results in information disclosure on the vulnerable system.

5) Improper input validation (CVE-ID: CVE-2015-2431)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper handling of Office Graphics Library (OGL) fonts by Microsoft Office. A remote attacker can create a specially crafted document containing embedded OGL font, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.

6) Improper input validation (CVE-ID: CVE-2015-2464)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper handling of TrueType fonts by Windows Adobe Type Manager Library. A remote attacker can create a specially crafted document containing embedded TrueType font, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.

7) Improper input validation (CVE-ID: CVE-2015-2463)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper handling of TrueType fonts by Windows Adobe Type Manager Library. A remote attacker can create a specially crafted document containing embedded TrueType font, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.

8) Improper input validation (CVE-ID: CVE-2015-2456)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper handling of TrueType fonts by Windows Adobe Type Manager Library. A remote attacker can create a specially crafted document containing embedded TrueType font, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.

9) Improper input validation (CVE-ID: CVE-2015-2455)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper handling of TrueType fonts by Windows Adobe Type Manager Library. A remote attacker can create a specially crafted document containing embedded TrueType font, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.

10) Improper input validation (CVE-ID: CVE-2015-2435)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper handling of TrueType fonts by Windows Adobe Type Manager Library. A remote attacker can create a specially crafted document containing embedded TrueType font, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.

11) Improper input validation (CVE-ID: CVE-2015-2462)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper handling of OpenType fonts by Windows Adobe Type Manager Library. A remote attacker can create a specially crafted document containing embedded OpenType font, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.

12) Improper input validation (CVE-ID: CVE-2015-2461)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper handling of OpenType fonts by Windows Adobe Type Manager Library. A remote attacker can create a specially crafted document containing embedded OpenType font, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.

13) Improper input validation (CVE-ID: CVE-2015-2460)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper handling of OpenType fonts by Windows Adobe Type Manager Library. A remote attacker can create a specially crafted document containing embedded OpenType font, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.

14) Improper input validation (CVE-ID: CVE-2015-2459)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper handling of OpenType fonts by Windows Adobe Type Manager Library. A remote attacker can create a specially crafted document containing embedded OpenType font, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.

15) Improper input validation (CVE-ID: CVE-2015-2458)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper handling of OpenType fonts by Windows Adobe Type Manager Library. A remote attacker can create a specially crafted document containing embedded OpenType font, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.

16) Improper input validation (CVE-ID: CVE-2015-2432)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper handling of OpenType fonts by Windows Adobe Type Manager Library. A remote attacker can create a specially crafted document containing embedded OpenType font, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.

Remediation

Install update from vendor's website.

References

https://technet.microsoft.com/en-us/library/security/ms15-080.aspx