Vigil@nce - Windows Kernel: five vulnerabilities
December 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of Windows Kernel.
Impacted products: Windows 10, Windows 2008 R0, Windows 2008 R2,
Microsoft Windows 2012, Windows 7, Windows 8, Windows RT, Windows
Vista.
Severity: 2/4.
Creation date: 13/10/2015.
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in Windows Kernel.
An attacker can generate a memory corruption, in order to trigger
a denial of service, and possibly to run code. [severity:2/4;
CVE-2015-2549]
An attacker can bypass security features, in order to escalate his
privileges. [severity:2/4; CVE-2015-2550]
An attacker can bypass security features, in order to escalate his
privileges. [severity:2/4; CVE-2015-2552]
An attacker can bypass security features in Windows Mount Point,
in order to escalate his privileges. [severity:2/4; CVE-2015-2553]
An attacker can bypass security features, in order to escalate his
privileges. [severity:2/4; CVE-2015-2554]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Windows-Kernel-five-vulnerabilities-18091