Vulnerability Details CVE-2015-0084
The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to bypass intended restrictions on launching executable files via a crafted task, aka "Task Scheduler Security Feature Bypass Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 78.2%
CVSS Severity
CVSS v2 Score 2.1
References
- http://www.securityfocus.com/bid/72913
- http://www.securitytracker.com/id/1031893
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-028
- http://www.securityfocus.com/bid/72913
- http://www.securitytracker.com/id/1031893
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-028
Products affected by CVE-2015-0084
-
cpe:2.3:o:microsoft:windows_7:-
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_8:-
-
cpe:2.3:o:microsoft:windows_rt:-
-
cpe:2.3:o:microsoft:windows_rt_8.1:-
-
cpe:2.3:o:microsoft:windows_server_2008:r2
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:r2