JVN#18146081
LoadLibrary function in Microsoft Windows fails to validate input properly
Overview
The LoadLibrary function in Microsoft Windows fails to validate input properly.
Products Affected
- Microsoft Windows
Description
The LoadLibrary function in Microsoft Windows fails to validate input properly. As a result, it may load a specially crafted DLL file (CWE-114).
Impact
An arbitrary code may be executed as a result of an application loads a specially crafted DLL file.
Solution
Update the Software
This issue was addressed in MS15-063, released on June 10. 2015. Apply the update according to the information provided by Microsoft.
Vendor Status
| Vendor | Status | Last Update | Vendor Notes |
|---|---|---|---|
| Microsoft Japan Co.,Ltd. | Vulnerable | 2015/06/12 | Microsoft Japan Co.,Ltd. website |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Analyzed on 2015.06.12 (CVSS Base Metrics)
| Measures | Severity | Description | ||
|---|---|---|---|---|
| Access Vector(AV) | Local (L) | Adjacent Network (A) | Network (N) | A vulnerability exploitable with network access means the vulnerable software is bound to the network stack and the attacker does not require local network access or local access. Such a vulnerability is often termed "remotely exploitable". |
| Access Complexity(AC) | High (H) | Medium (M) | Low (L) | Specialized access conditions exist. |
| Authentication(Au) | Multiple (M) | Single (S) | None (N) | Authentication is not required to exploit the vulnerability. |
| Confidentiality Impact(C) | None (N) | Partial (P) | Complete (C) | There is total information disclosure, resulting in all system files being revealed. |
| Integrity Impact(I) | None (N) | Partial (P) | Complete (C) | There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised. |
| Availability Impact(A) | None (N) | Partial (P) | Complete (C) | There is a total shutdown of the affected resource. |
Base Score:7.6
Credit
Takashi Yoshikawa of Mitsui Bussan Secure Directions reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2015-1758 |
| JVN iPedia |
JVNDB-2015-000086 |