← back
CVE-2015-0096observed exploitation

CVE-2015-0096

82Vexday Risk Score

Patch now. It exploitation observed by VulnCheck and has a working public exploit.

ssvc Actepss 71%
from disclosure to weapon0 days
Published on NVDMar 11
1st PoCJul 18
metasploitMar 10
VulnCheck+2471d
exploitation probability
71%top 1% of all CVEs
observed exploitation
yesVulnCheck
1 public exploit(s)
Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, leading to DLL loading during Windows Explorer access to the icon of a crafted shortcut, aka "DLL Planting Remote Code Execution Vulnerability."
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.