Vulnerability Change Records for CVE-2015-2517

Change History

CVE Modified by Microsoft Corporation 11/28/2016 2:20:32 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/76606 [No Types Assigned]

CVE Modified by Microsoft Corporation 12/21/2016 9:59:38 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1033485 [No Types Assigned]

Initial CVE Analysis 9/09/2015 12:57:38 PM

Action Type Old Value New Value

CPE Deprecation Remap 5/08/2019 6:3:15 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:microsoft:windows_server_2012:r2:-:-:*:standard:*:*:*
OR
     *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:standard:*:*:*

CPE Deprecation Remap 5/08/2019 6:3:15 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:microsoft:windows_server_2012:r2:-:-:*:datacenter:*:*:*
OR
     *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:datacenter:*:*:*

CPE Deprecation Remap 5/08/2019 6:11:29 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:microsoft:windows_8.1:-:-:-:*:-:-:x64:*
OR
     *cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:pro_n:*:x64:*

Modified Analysis 5/14/2019 4:26:46 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*
     *cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
     *cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
Removed CPE Configuration
OR
     *cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*
     *cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*
     *cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*
     *cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*
     *cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:x64:*
     *cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:x86:*
     *cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:pro_n:*:x64:*
     *cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:pro_n:*:x86:*
     *cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_rt:-:gold:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2012:-:gold:*:*:*:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:datacenter:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:essentials:*:*:*
     *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:standard:*:*:*
     *cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*

								
						
Changed CVSS V2
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Added CVSS V2 Metadata

								
							
							
						
Victim must voluntarily interact with attack mechanism
Changed Reference Type
http://www.securityfocus.com/bid/76606 No Types Assigned
http://www.securityfocus.com/bid/76606 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securitytracker.com/id/1033485 No Types Assigned
http://www.securitytracker.com/id/1033485 Third Party Advisory, VDB Entry
Changed Reference Type
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097 No Types Assigned
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097 Patch, Vendor Advisory
Changed Reference Type
https://www.exploit-db.com/exploits/38278/ No Types Assigned
https://www.exploit-db.com/exploits/38278/ Third Party Advisory, VDB Entry

CPE Deprecation Remap 5/08/2019 6:3:15 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:microsoft:windows_server_2012:r2:-:-:*:essentials:*:*:*
OR
     *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:essentials:*:*:*

CVE Modified by Microsoft Corporation 10/12/2018 6:9:55 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097 [No Types Assigned]
Removed Reference
http://technet.microsoft.com/security/bulletin/MS15-097 [Patch, Vendor Advisory]

								
						

CPE Deprecation Remap 5/08/2019 6:11:29 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:microsoft:windows_8.1:-:-:-:*:-:-:x86:*
OR
     *cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:pro_n:*:x86:*

CVE Modified by Microsoft Corporation 9/15/2017 9:29:01 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.exploit-db.com/exploits/38278/ [No Types Assigned]