CVE-2015-7865 - OpenCVE

nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a commandline in a number 2 command, which is stored in the HKEY_LOCAL_MACHINE explorer Run registry key, a different vulnerability than CVE-2011-4784.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:A/AC:L/Au:S/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows
Nvidia	Gpu Driver

Configuration 1 [-]

AND

OR	cpe:2.3:a:nvidia:gpu_driver::::::::
	cpe:2.3:a:nvidia:gpu_driver::::::::
	cpe:2.3:a:nvidia:gpu_driver::::::::

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://nvidia.custhelp.com/app/answers/detail/a_id/3807/kw/security
http://packetstormsecurity.com/files/134520/NVIDIA-Stereoscopic-3D-Driver-Service-Arbitrary-Run-Key-Creation.html
http://www.securitytracker.com/id/1034173
https://code.google.com/p/google-security-research/issues/detail?id=515
https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04971867
https://www.exploit-db.com/exploits/38792/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2015-11-24T20:00:00

Updated: 2024-08-06T08:06:30.213Z

Reserved: 2015-10-19T00:00:00

Link: CVE-2015-7865

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2015-11-24T20:59:11.157

Modified: 2019-02-13T21:10:10.853

Link: CVE-2015-7865

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-11-13T00:00:00", "descriptions": [{"lang": "en", "value": "nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a commandline in a number 2 command, which is stored in the HKEY_LOCAL_MACHINE explorer Run registry key, a different vulnerability than CVE-2011-4784."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-05T22:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1034173", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1034173"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/134520/NVIDIA-Stereoscopic-3D-Driver-Service-Arbitrary-Run-Key-Creation.html"}, {"name": "HPSBHF03545", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04971867"}, {"name": "38792", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/38792/"}, {"tags": ["x_refsource_MISC"], "url": "https://code.google.com/p/google-security-research/issues/detail?id=515"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3807/kw/security"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-7865", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a commandline in a number 2 command, which is stored in the HKEY_LOCAL_MACHINE explorer Run registry key, a different vulnerability than CVE-2011-4784."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1034173", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034173"}, {"name": "http://packetstormsecurity.com/files/134520/NVIDIA-Stereoscopic-3D-Driver-Service-Arbitrary-Run-Key-Creation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/134520/NVIDIA-Stereoscopic-3D-Driver-Service-Arbitrary-Run-Key-Creation.html"}, {"name": "HPSBHF03545", "refsource": "HP", "url": "https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04971867"}, {"name": "38792", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/38792/"}, {"name": "https://code.google.com/p/google-security-research/issues/detail?id=515", "refsource": "MISC", "url": "https://code.google.com/p/google-security-research/issues/detail?id=515"}, {"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/3807/kw/security", "refsource": "CONFIRM", "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3807/kw/security"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T08:06:30.213Z"}, "title": "CVE Program Container", "references": [{"name": "1034173", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1034173"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/134520/NVIDIA-Stereoscopic-3D-Driver-Service-Arbitrary-Run-Key-Creation.html"}, {"name": "HPSBHF03545", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04971867"}, {"name": "38792", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/38792/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://code.google.com/p/google-security-research/issues/detail?id=515"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3807/kw/security"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-7865", "datePublished": "2015-11-24T20:00:00", "dateReserved": "2015-10-19T00:00:00", "dateUpdated": "2024-08-06T08:06:30.213Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "3937929C-A1C1-40AC-9E8C-1B5F120B0EDB", "versionEndExcluding": "341.92", "versionStartIncluding": "340", "vulnerable": true}, {"criteria": "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "FEDBBE2C-8B0F-49CA-A28B-C35EEE3DBA5C", "versionEndExcluding": "354.35", "versionStartIncluding": "352", "vulnerable": true}, {"criteria": "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF3237AD-D1E3-4857-999E-22FAAC340F16", "versionEndExcluding": "358.87", "versionStartIncluding": "358", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a commandline in a number 2 command, which is stored in the HKEY_LOCAL_MACHINE explorer Run registry key, a different vulnerability than CVE-2011-4784."}, {"lang": "es", "value": "nvSCPAPISvr.exe en el Stereoscopic 3D Driver Service en el controlador de gr\u00e1ficos NVIDIA GPU R340 en versiones anteriores a 341.92, R352 en versiones anteriores a 354.35 y R358 en versiones anteriores a 358.87 en Windows no restringe adecuadamente el acceso a la tuber\u00eda llamada stereosvrpipe, lo que permite a usuarios locales obtener privilegios a trav\u00e9s de una l\u00ednea de comandos en un comando n\u00famero 2, que se almacena enla clave de registro HKEY_LOCAL_MACHINE explorer Run, una vulnerabilidad diferente a CVE-2011-4784."}], "id": "CVE-2015-7865", "lastModified": "2019-02-13T21:10:10.853", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 7.7, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 5.1, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-11-24T20:59:11.157", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3807/kw/security"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/134520/NVIDIA-Stereoscopic-3D-Driver-Service-Arbitrary-Run-Key-Creation.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1034173"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://code.google.com/p/google-security-research/issues/detail?id=515"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04971867"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/38792/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "nvd@nist.gov", "type": "Primary"}]}