{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-04-14T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka \"HTTP.sys Remote Code Execution Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01.000Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "MS15-034", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-034"}, {"name": "36773", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/36773/"}, {"name": "120629", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/120629"}, {"name": "1032109", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032109"}, {"name": "74013", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/74013"}, {"name": "36776", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/36776/"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-Concept.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2015-1635", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka \"HTTP.sys Remote Code Execution Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "MS15-034", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-034"}, {"name": "36773", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/36773/"}, {"name": "120629", "refsource": "OSVDB", "url": "http://www.osvdb.org/120629"}, {"name": "1032109", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032109"}, {"name": "74013", "refsource": "BID", "url": "http://www.securityfocus.com/bid/74013"}, {"name": "36776", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/36776/"}, {"name": "http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-Concept.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-Concept.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T04:47:17.498Z"}, "title": "CVE Program Container", "references": [{"name": "MS15-034", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-034"}, {"name": "36773", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/36773/"}, {"name": "120629", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/120629"}, {"name": "1032109", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1032109"}, {"name": "74013", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/74013"}, {"name": "36776", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/36776/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-Concept.html"}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2015-1635", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-10T21:15:47.143349Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-02-10", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1635"}}}], "references": [{"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1635", "tags": ["government-resource"]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "timeline": [{"time": "2022-02-10T00:00:00.000Z", "lang": "en", "value": "CVE-2015-1635 added to CISA KEV"}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-22T00:05:32.590Z"}}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2015-1635", "datePublished": "2015-04-14T20:00:00.000Z", "dateReserved": "2015-02-17T00:00:00.000Z", "dateUpdated": "2025-10-22T00:05:32.590Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-034", "name": "MS15-034", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"]}, {"url": "https://www.exploit-db.com/exploits/36773/", "name": "36773", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"]}, {"url": "http://www.osvdb.org/120629", "name": "120629", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"]}, {"url": "http://www.securitytracker.com/id/1032109", "name": "1032109", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/74013", "name": "74013", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "https://www.exploit-db.com/exploits/36776/", "name": "36776", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-Concept.html", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T04:47:17.498Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2015-1635", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-10T21:15:47.143349Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-02-10", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1635"}}}], "timeline": [{"lang": "en", "time": "2022-02-10T00:00:00.000Z", "value": "CVE-2015-1635 added to CISA KEV"}], "references": [{"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1635", "tags": ["government-resource"]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-10T21:15:36.400Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-04-14T00:00:00.000Z", "references": [{"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-034", "name": "MS15-034", "tags": ["vendor-advisory", "x_refsource_MS"]}, {"url": "https://www.exploit-db.com/exploits/36773/", "name": "36773", "tags": ["exploit", "x_refsource_EXPLOIT-DB"]}, {"url": "http://www.osvdb.org/120629", "name": "120629", "tags": ["vdb-entry", "x_refsource_OSVDB"]}, {"url": "http://www.securitytracker.com/id/1032109", "name": "1032109", "tags": ["vdb-entry", "x_refsource_SECTRACK"]}, {"url": "http://www.securityfocus.com/bid/74013", "name": "74013", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "https://www.exploit-db.com/exploits/36776/", "name": "36776", "tags": ["exploit", "x_refsource_EXPLOIT-DB"]}, {"url": "http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-Concept.html", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka \"HTTP.sys Remote Code Execution Vulnerability.\""}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2018-10-12T19:57:01.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "n/a"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-034", "name": "MS15-034", "refsource": "MS"}, {"url": "https://www.exploit-db.com/exploits/36773/", "name": "36773", "refsource": "EXPLOIT-DB"}, {"url": "http://www.osvdb.org/120629", "name": "120629", "refsource": "OSVDB"}, {"url": "http://www.securitytracker.com/id/1032109", "name": "1032109", "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/74013", "name": "74013", "refsource": "BID"}, {"url": "https://www.exploit-db.com/exploits/36776/", "name": "36776", "refsource": "EXPLOIT-DB"}, {"url": "http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-Concept.html", "name": "http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-Concept.html", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka \"HTTP.sys Remote Code Execution Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-1635", "STATE": "PUBLIC", "ASSIGNER": "secure@microsoft.com"}}}}, "cveMetadata": {"cveId": "CVE-2015-1635", "state": "PUBLISHED", "dateUpdated": "2025-10-22T00:05:32.590Z", "dateReserved": "2015-02-17T00:00:00.000Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2015-04-14T20:00:00.000Z", "assignerShortName": "microsoft"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-08-10", "cisaExploitAdd": "2022-02-10", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Microsoft HTTP.sys Remote Code Execution Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "matchCriteriaId": "B320A104-9037-487E-BC9A-62B4A6B49FD0", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka \"HTTP.sys Remote Code Execution Vulnerability.\""}, {"lang": "es", "value": "HTTP.sys en Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, y Windows Server 2012 Gold y R2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de solicitudes HTTP manipuladas, tambi\u00e9n conocido como 'vulnerabilidad de la ejecuci\u00f3n de c\u00f3digo remotos de HTTP.sys.'"}], "id": "CVE-2015-1635", "lastModified": "2026-04-22T16:42:38.730", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2015-04-14T20:59:01.263", "references": [{"source": "secure@microsoft.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-Concept.html"}, {"source": "secure@microsoft.com", "tags": ["Broken Link"], "url": "http://www.osvdb.org/120629"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry", "Broken Link"], "url": "http://www.securityfocus.com/bid/74013"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry", "Broken Link"], "url": "http://www.securitytracker.com/id/1032109"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-034"}, {"source": "secure@microsoft.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/36773/"}, {"source": "secure@microsoft.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/36776/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-Concept.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.osvdb.org/120629"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry", "Broken Link"], "url": "http://www.securityfocus.com/bid/74013"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry", "Broken Link"], "url": "http://www.securitytracker.com/id/1032109"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-034"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/36773/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/36776/"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["US Government Resource"], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1635"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-94"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{}