Microsoft Windows HTTP Protocol Stack CVE-2015-1635 Remote Code Execution Vulnerability

Microsoft Windows is prone to a remote code-execution vulnerability.

An attacker can leverage this issue to execute arbitrary code in the context of the system account. Failed exploit attempts will likely result in denial-of-service conditions.

Information

Bugtraq ID: 74013
Class: Design Error
CVE: CVE-2015-1635

Remote: Yes
Local: No
Published: Apr 14 2015 12:00AM
Updated: Aug 10 2017 06:10PM
Credit: Citrix Security Response Team
Vulnerable: Siemens SPECT/CT Systems 0
Siemens SPECT Workplaces/Symbia.net 0
Siemens SPECT Systems 0
Siemens PET/CT Systems 0
Microsoft Windows Server 2012 R2 0
Microsoft Windows Server 2012 0
Microsoft Windows Server 2008 R2 for x64-based Systems SP1
Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Microsoft Windows 8 for x64-based Systems 0
Microsoft Windows 8 for 32-bit Systems 0
Microsoft Windows 7 for x64-based Systems SP1
Microsoft Windows 7 for 32-bit Systems SP1
Avaya Meeting Exchange - Webportal 6.2
Avaya Meeting Exchange - Webportal 6.0
Avaya Meeting Exchange - Webportal 5.2.1
Avaya Meeting Exchange - Webportal 5.2
Avaya Meeting Exchange - Webportal 5.0.1
Avaya Meeting Exchange - Webportal 5.0
Avaya Meeting Exchange - Web Conferencing Server 6.2
Avaya Meeting Exchange - Web Conferencing Server 6.0
Avaya Meeting Exchange - Web Conferencing Server 5.2.1
Avaya Meeting Exchange - Web Conferencing Server 5.2
Avaya Meeting Exchange - Web Conferencing Server 5.0.1
Avaya Meeting Exchange - Web Conferencing Server 5.0
Avaya Meeting Exchange - Streaming Server 6.2
Avaya Meeting Exchange - Streaming Server 6.0
Avaya Meeting Exchange - Streaming Server 5.2.1
Avaya Meeting Exchange - Streaming Server 5.2
Avaya Meeting Exchange - Streaming Server 5.0.1
Avaya Meeting Exchange - Streaming Server 5.0
Avaya Meeting Exchange - Recording Server 6.2
Avaya Meeting Exchange - Recording Server 6.0
Avaya Meeting Exchange - Recording Server 5.2.1
Avaya Meeting Exchange - Recording Server 5.2
Avaya Meeting Exchange - Recording Server 5.0.1
Avaya Meeting Exchange - Recording Server 5.0
Avaya Meeting Exchange - Client Registration Server 6.2
Avaya Meeting Exchange - Client Registration Server 6.0
Avaya Meeting Exchange - Client Registration Server 5.2.1
Avaya Meeting Exchange - Client Registration Server 5.2
Avaya Meeting Exchange - Client Registration Server 5.0.1
Avaya Meeting Exchange - Client Registration Server 5.0

Not Vulnerable:

Exploit

The following exploit code is available:
Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

• /data/vulnerabilities/exploits/74013.txt
• /data/vulnerabilities/exploits/74013.txt

References:

• Microsoft Homepage (Microsoft)
  
• ASA-2015-151 (Avaya)
  
• ICSMA-17-215-02: Siemens Molecular Imaging Vulnerabilities (CERT)
  
• Microsoft Security Bulletin MS15-034 (Microsoft)
  

Source: www.securityfocus.com