CVE-2015-1635
HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- February 17, 2015
- Published Date
- April 14, 2015
- Last Updated
- February 10, 2025
- Vendor
- n/a
- Product
- n/a
- Description
- HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
CVSS Scores
CVSS v3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2.0
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
SSVC Information
- Exploitation
- active
- Automatable
- Yes
- Technical Impact
- total
References
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2022-02-10 00:00:00 UTC |
Scanner Integrations
| Scanner | URL | Date Detected |
|---|---|---|
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2015/CVE-2015-1635.yaml | 2025-04-26 00:00:00 UTC |
Potential Proof of Concepts
Warning: These PoCs have not been tested and could contain malware. Use at your own risk.
Cappricio-Securities/CVE-2015-1635
Type: github • Created: 2024-05-28 10:41:07 UTC • Stars: 0
w01ke/CVE-2015-1635-POC
Type: github • Created: 2022-04-17 16:48:44 UTC • Stars: 1
n3rdh4x0r/CVE-2015-1635
Type: github • Created: 2021-07-12 00:37:54 UTC • Stars: 0
n3rdh4x0r/CVE-2015-1635-POC
Type: github • Created: 2021-07-12 00:23:30 UTC • Stars: 2
limkokholefork/CVE-2015-1635
Type: github • Created: 2018-08-02 11:28:14 UTC • Stars: 1
aedoo/CVE-2015-1635-POC
Type: github • Created: 2018-06-20 14:28:11 UTC • Stars: 7
Zx7ffa4512-Python/Project-CVE-2015-1635
Type: github • Created: 2015-04-16 07:31:47 UTC • Stars: 2