This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Microsoft advisory MS15-075 (CVE-2015-2416 and CVE-2015-2417) is not covered within a Secunia Advisory

Summary

Secunia Research has rejected Microsoft advisory MS15-075 (CVE-2015-2416 and CVE-2015-2417)

Synopsis

Microsoft advisory MS15-075 (CVE-2015-2416 and CVE-2015-2417) is not covered within a Secunia Advisory.

References:
https://technet.microsoft.com/en-us/library/security/MS15-075

Reasons:
Both issues (CVE-2015-2416 and CVE-2015-2417) are rejected due to requiring another vulnerability.


Discussion

Reason for Rating:

The outlined exploitation scenario requires a further vulnerability, for example a vulnerability in Internet Explorer, to allow the execution of arbitrary code to finally utilize the privilege gain from limited privileges to a medium integrity level (permissions of the current user). As another vulnerability is required, this is considered a hardening mechanism in this specific context.

‎Nov 15, 2018 04:30 PM

Was this article helpful? Yes No
No ratings
0 Kudos
Version history
Last update:
‎Nov 15, 2018 04:30 PM
Updated by:
Community Manager Community Manager