CVE-2015-2430

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version

Description The issue allows attackers to bypass an application sandbox protection mechanism and perform unspecified filesystem actions via a crafted application. An elevation of privilege exists in Microsoft Windows when it improperly allows certain filesystem interactions from within vulnerable sandboxed applications. An attacker who successfully exploited this issue could improperly interact with the filesystem and attempt to escape the application sandbox. To exploit the issue, an attacker would have to convince the user to open a specially crafted file.

Recommendations For Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.