CVE-2015-2368

Published: Jul 14, 2015Modified: May 6, 2026

6.9

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 3.4 / Impact: 10.0

Source: NVD

Description

Untrusted search path vulnerability in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Windows DLL Remote Code Execution Vulnerability."

Affected (7)

Products: Microsoft: Windows 7, Windows 8.1, Windows Rt 8.1, Windows Server 2008, Windows Server 2012

5 products

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 7	All versions
Microsoft Windows 8.1	All versions
Microsoft Windows Rt 8.1	All versions
Microsoft Windows Server 2008	Version r2 sp1
Microsoft Windows Server 2012	Version r2
Microsoft Windows Server 2012	Version r2
Microsoft Windows Server 2012	Version r2

References (4)

http://www.securitytracker.com/id/1032898

Source: secure@microsoft.com

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-069

Source: secure@microsoft.com

http://www.securitytracker.com/id/1032898

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-069

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.