CVE-2015-1635

critical-risk
Published 2015-04-14

HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."

Do I need to act?

!
94.3% chance of exploitation in next 30 days
EPSS score — higher than 6% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
!
2 public exploits available
36773, 36776
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (7)

Affected Vendors

Microsoft

References (15)

Exploit http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-...
Broken Link http://www.osvdb.org/120629
Third Party Advisory http://www.securityfocus.com/bid/74013
Third Party Advisory http://www.securitytracker.com/id/1032109
Patch https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-03...
Exploit https://www.exploit-db.com/exploits/36773/
Exploit https://www.exploit-db.com/exploits/36776/
Exploit http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-...
Broken Link http://www.osvdb.org/120629
Third Party Advisory http://www.securityfocus.com/bid/74013
Third Party Advisory http://www.securitytracker.com/id/1032109
Patch https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-03...
Exploit https://www.exploit-db.com/exploits/36773/
Exploit https://www.exploit-db.com/exploits/36776/
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-...
73
/ 100
critical-risk
Severity 32/34 · Critical
Exploitability 27/34 · High
Exposure 14/34 · Moderate