PT-2015-2957 · Microsoft · Windows Server 2012 R2+3
Published
2015-12-08
·
Updated
2019-05-08
·
CVE-2015-6125
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft Windows Server 2008 SP2
Microsoft Windows Server 2008 R2 SP1
Microsoft Windows Server 2012 Gold
Microsoft Windows Server 2012 R2
Description
The issue is related to a use-after-free vulnerability in the DNS server of Microsoft Windows. This vulnerability can be exploited by remote attackers using specially crafted requests, potentially allowing them to execute arbitrary code.
Recommendations
For Microsoft Windows Server 2008 SP2, update to a version that includes the fix for this issue.
For Microsoft Windows Server 2008 R2 SP1, update to a version that includes the fix for this issue.
For Microsoft Windows Server 2012 Gold, update to a version that includes the fix for this issue.
For Microsoft Windows Server 2012 R2, update to a version that includes the fix for this issue.
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows Server 2008 R2 Sp1
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2