Vulnerabilities > CVE-2015-6125 - Unspecified vulnerability in Microsoft Windows Server 2008 and Windows Server 2012
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN microsoft
nessus
Summary
Use-after-free vulnerability in the DNS server in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Use After Free Vulnerability."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 6 |
Msbulletin
| bulletin_id | MS15-127 |
| bulletin_url | |
| date | 2015-12-08T00:00:00 |
| impact | Remote Code Execution |
| knowledgebase_id | 3100465 |
| knowledgebase_url | |
| severity | Critical |
| title | Security Update for Microsoft Windows DNS to Address Remote Code Execution |
Nessus
| NASL family | Windows : Microsoft Bulletins |
| NASL id | SMB_NT_MS15-127.NASL |
| description | The remote Windows host is affected by a remote code execution vulnerability in the Windows Domain Name System (DNS) server due to improper parsing of DNS requests. A remote attacker can exploit this, via specially crafted DNS requests, to execute arbitrary code in the context of the Local System Account. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 87256 |
| published | 2015-12-08 |
| reporter | This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/87256 |
| title | MS15-127: Security Update for Microsoft Windows DNS to Address Remote Code Execution (3100465) |