CVE-2015-2361

high

Description

Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (buffer overflow) by leveraging guest OS privileges, aka "Hyper-V Buffer Overflow Vulnerability."

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-068

http://www.securitytracker.com/id/1032897

Details

Source: Mitre, NVD

Published: 2015-07-14

Updated: 2019-05-08

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H