CVE-2015-6113

LOW Year: 2015
CVSS v2 Score
2.1
Low
Weakness Type
CWE-254
View all →

Vulnerability Description

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass intended filesystem permissions by leveraging Low Integrity access, aka "Windows Kernel Security Feature Bypass Vulnerability."

Related Vulnerabilities

CVE-2016-5788

CRITICAL
CVSS:10.0(Critical)

General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via ...

CWE-2542016

CVE-2011-3145

CRITICAL
CVSS:9.8(Critical)

When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of th...

CWE-2542011

CVE-2011-4889

CRITICAL
CVSS:9.8(Critical)

The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.43, 7.0 before 7.0.0.21, and 8.0 before 8.0.0.2 does n...

CWE-2542011

CVE-2014-5334

CRITICAL
CVSS:9.8(Critical)

FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by leveraging a WebGui login.

CWE-2542014

CVE-2015-6473

CRITICAL
CVSS:9.8(Critical)

WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain privilege separation.

CWE-2542015

CVE-2015-7554

CRITICAL
CVSS:9.8(Critical)

The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field dat...

CWE-2542015