CVE-2015-6125

{"id": "CVE-2015-6125", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-12-09T11:59:10.190", "references": [{"url": "http://www.securitytracker.com/id/1034323", "source": "secure@microsoft.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-127", "source": "secure@microsoft.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the DNS server in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka \"Windows DNS Use After Free Vulnerability.\""}, {"lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en el servidor DNS en Microsoft Windows Server 2008 SP2 y R2 SP1 y Server 2012 Gold y R2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de peticiones manipuladas, tambi\u00e9n conocida como 'Windows DNS Use After Free Vulnerability'."}], "lastModified": "2019-05-08T22:03:15.720", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:gold:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0768220B-DBA8-4F5D-B955-A84960629818"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:datacenter:*:*:*", "vulnerable": true, "matchCriteriaId": "32BCD530-F6E2-4F9B-AD4C-7DF2BED00296"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:essentials:*:*:*", "vulnerable": true, "matchCriteriaId": "A1318333-EF3A-4DBA-8DD7-367BF843F70D"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:standard:*:*:*", "vulnerable": true, "matchCriteriaId": "74B5E7C1-6C1D-4605-91CF-AF105EFA678D"}], "operator": "OR"}]}], "evaluatorComment": "<a href=\"https://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", "sourceIdentifier": "secure@microsoft.com"}