[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Elevation of privilege vulnerability in Windows installer service via custom action scripts

ID: oval:org.secpod.oval:def:25342Date: (C)2015-07-15   (M)2024-03-06
Class: VULNERABILITYFamily: windows




The host is installed with Microsoft Server 2003, Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which improperly handles custom action scripts. Successful exploitation could allow attackers to install programs; view, change, or delete data; or create new accounts with full administrative rights.

Platform:
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows 10
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Reference:
CVE-2015-2371
CVE    1
CVE-2015-2371
CPE    34
cpe:/o:microsoft:windows_server_2008:r2:sp1:x64
cpe:/o:microsoft:windows_server_2008:::x64
cpe:/o:microsoft:windows_server_2008:::x86
cpe:/o:microsoft:windows_7::sp1:x64
...

© SecPod Technologies