CVE-2015-0010
Summary
| CVE | CVE-2015-0010 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2015-02-11 03:00:00 UTC |
|---|
| Updated | 2019-05-15 17:04:00 UTC |
|---|
| Description | The CryptProtectMemory function in cng.sys (aka the Cryptography Next Generation driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1, when the CRYPTPROTECTMEMORY_SAME_LOGON option is used, does not check an impersonation token's level, which allows local users to bypass intended decryption restrictions by leveraging a service that (1) has a named-pipe planting vulnerability or (2) uses world-readable shared memory for encrypted data, aka "CNG Security Feature Bypass Vulnerability" or MSRC ID 20707. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Microsoft Windows Kernel 'cng.sys' CVE-2015-0010 Security Bypass Vulnerability |
BID |
www.securityfocus.com |
Third Party Advisory, VDB Entry |
| Issue 128 -
google-security-research -
Windows: Impersonation Check Bypass With CryptProtectMemory and CRYPTPROTECTMEMORY_SAME_LOGON flag -
Google Security Research - Google Project Hosting |
MISC |
code.google.com |
Exploit, Mailing List, Third Party Advisory |
| Microsoft Security Bulletin MS15-010 - Critical | Microsoft Docs |
MS |
docs.microsoft.com |
Patch, Vendor Advisory |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 356244 Amazon Linux Security Advisory for python38 : ALASPYTHON3.8-2023-009
