SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Microsoft)  >   Windows DLL (Any) Vendors:   Microsoft
Microsoft Windows Command Line Flaw Lets Remote Users Obtain Potentially Sensitive Information on the Target System
SecurityTracker Alert ID:  1033248
SecurityTracker URL:  http://securitytracker.com/id/1033248
CVE Reference:   CVE-2015-2423   (Links to External Site)
Date:  Aug 11 2015
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Vista SP2, 2008 SP2, 7 SP1, 2008 R2 SP1, 8, 8.1, 2012, 2012 R2, RT, RT 8.1, 10; and prior service packs
Description:   A vulnerability was reported in Microsoft Windows. A remote user can obtain potentially sensitive information on the target system.

A remote user that can exploit a separate vulnerability in Internet Explorer running in Enhanced Protection Mode (EPM) can supply a specially crafted command line parameter to Excel, Notepad, PowerPoint, Visio, or Word to view files at a medium integrity level [CVE-2015-2423].

Impact:   A remote user can obtain potentially sensitive information on the target system.
Solution:   The vendor has issued a fix.

Windows Vista Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=42b4490a-be79-482b-aa41-11494a7d2fa9

Windows Vista Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=ed647b6c-052e-48d2-b3ef-dd540432e34d

Windows Vista x64 Edition Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=608a6449-cc4f-4816-84db-0e7f8b7e9725

Windows Vista x64 Edition Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=653acb1e-99d4-4f93-9b72-12d7453a4e23

Windows Server 2008 for 32-bit Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=5a51a39a-6df3-49ed-93a2-e424557dd86a

Windows Server 2008 for 32-bit Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=12437fca-427b-4b42-8e0d-50424c4e86c9

Windows Server 2008 for x64-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=2d96b85f-f2aa-4e3e-bfc9-a8c254c7e9de

Windows Server 2008 for x64-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=c78f0efc-5c1a-4db7-84df-d67c99eb5115

Windows Server 2008 for Itanium-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=48d61938-53ec-4494-ab44-687c200878a8

Windows Server 2008 for Itanium-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=7ff064b1-2904-4ca1-b701-4d7fc09dd27f

Windows 7 for 32-bit Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=54468dee-6fba-4a58-be0d-4864e6a4cc6c

Windows 7 for 32-bit Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=a243de4b-104d-4b2c-9bd3-aaa01aae6d41

Windows 7 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=08f7d73b-42a7-43ad-a342-b1ff2e0005e8

Windows 7 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=a7145ce2-53a0-475a-8086-35f411d88b4a

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=98d9a427-ea13-4a51-8da9-f2353da466ea

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=543ab296-3b6c-4678-969e-50a856b75c24

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=8e71888d-3e79-46a8-b72f-497f4f47500e

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=82bd6305-e6e2-4b15-9dba-e40533b4ad27

Windows 8 for 32-bit Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=ca3eda3b-95bc-48ea-9b37-bad7f78d84aa

Windows 8 for x64-based Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=7ca45509-f0b1-4a16-9c57-c660dabd24a2

Windows 8.1 for 32-bit Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=a75405af-4ebb-40f3-961c-8268e1366ceb

Windows 8.1 for x64-based Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=991360b0-d07c-4b62-8c84-a260dbc8bbf8

Windows Server 2012:

https://www.microsoft.com/downloads/details.aspx?familyid=2f4069fa-07e5-4354-b773-94afa0ecc195

Windows Server 2012 R2:

https://www.microsoft.com/downloads/details.aspx?familyid=71e3887e-0b92-41da-b5a0-532e46c5c018

Windows Server 2008 for 32-bit Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=5a51a39a-6df3-49ed-93a2-e424557dd86a

Windows Server 2008 for 32-bit Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=12437fca-427b-4b42-8e0d-50424c4e86c9

Windows Server 2008 for x64-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=2d96b85f-f2aa-4e3e-bfc9-a8c254c7e9de

Windows Server 2008 for x64-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=c78f0efc-5c1a-4db7-84df-d67c99eb5115

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=98d9a427-ea13-4a51-8da9-f2353da466ea

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=543ab296-3b6c-4678-969e-50a856b75c24

Windows Server 2012:

https://www.microsoft.com/downloads/details.aspx?familyid=2f4069fa-07e5-4354-b773-94afa0ecc195

Windows Server 2012 R2:

https://www.microsoft.com/downloads/details.aspx?familyid=71e3887e-0b92-41da-b5a0-532e46c5c018

The Microsoft advisory is available at:

https://technet.microsoft.com/library/security/ms15-088

Vendor URL:  technet.microsoft.com/library/security/ms15-088 (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC