Zero-day vulnerability in Windows

Memory corruption
CVE-2015-2387

The exploit code was revealed after Hacking Team data leak.
Public exploit code for this vulnerability became available as part of the Hacking Team leaks on July 5, 2015.

Vulnerability details

Advisory: SB2015070702 - Arbitrary code execution in Microsoft Windows

Vulnerable component: Windows

CVE-ID: CVE-2015-2387

CVSSv3 score: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description:

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to boundary error in the Adobe Type Manager module (ATMFD.dll). A local attacker can execute a specially crafted application, trigger memory corruption, bypass OS-level sandboxing and execute arbitrary code with SYSTEM privileges.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

Vulnerability Scanning SaaS

Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.