The Windows Registry Virtualization feature in the kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict changes to virtual stores, which allows local users to gain privileges via a crafted application, aka "Registry Virtualization Elevation of Privilege Vulnerability."
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/72908 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1031899 | Third Party Advisory VDB Entry |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-025 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/72908 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1031899 | Third Party Advisory VDB Entry |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-025 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:22
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/72908 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1031899 - Third Party Advisory, VDB Entry | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-025 - Patch, Vendor Advisory |
Information
Published : 2015-03-11 10:59
Updated : 2024-11-21 02:22
NVD link : CVE-2015-0073
Mitre link : CVE-2015-0073
CVE.ORG link : CVE-2015-0073
JSON object : View
Products Affected
microsoft
- windows_vista
- windows_rt
- windows_7
- windows_8.1
- windows_rt_8.1
- windows_server_2012
- windows_server_2003
- windows_server_2008
- windows_8
CWE
CWE-264
Permissions, Privileges, and Access Controls