CVE-2015-0061

Loading...

General

Score:4.3/10.0
Severity:Low
Category:Information Leak / Disclosure

Impact Metrics

Confidentiality:Partial
Integrity:None
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 11/02/15 - Updated on 08/09/17

Description

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize memory for TIFF images, which allows remote attackers to obtain sensitive information from process memory via a crafted image file, aka "TIFF Processing Information Disclosure Vulnerability."

Category: Information Leak / Disclosure

CWE-200 (Information Exposure)
An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

Security Notices

US National Vulnerability DatabaseCVE-2015-0061
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2015-AVI-067
Microsoft MS15-016

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
microsoftwindows_2003_server
microsoftwindows_7
microsoftwindows_8
microsoftwindows_8.1
microsoftwindows_rt
microsoftwindows_rt_8.1
microsoftwindows_server_2008
microsoftwindows_server_2012
microsoftwindows_vista

Share this vulnerability with:

Twitter Facebook LinkedIn Mail