CVE-2015-0057

EPSS 68.40% · P99 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-0057

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Microsoft Windows Win32k 特权提升漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Microsoft Windows是美国微软（Microsoft）公司发布的一系列操作系统。win32k.sys是Windows子系统的内核部分，是一个内核模式设备驱动程序，它包含有窗口管理器、后台控制窗口和屏幕输出管理等。由于Microsoft Windows内核模式驱动程序(Win32k.sys)没有正确处理内存对象，因此驱动程序中存在一个特权提升漏洞。成功利用此漏洞的攻击者可以获得特权提升，并能读取任意多次内核内存。攻击者随后可安装程序；查看、更改或删除数据；或者创建拥有完全管理权限的新帐户。以下

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2015-0057

#	POC Description	Source Link	Shenlong Link
1	翻译文章，CVE-2015-0057漏洞在32位和64位系统上的利用。Exploiting the win32k!xxxEnableWndSBArrows use-after-free (CVE 2015-0057) bug on both 32-bit and 64-bit(Aaron Adams of NCC )	https://github.com/55-AA/CVE-2015-0057	POC Details
2	翻译文章，CVE-2015-0057漏洞在32位和64位系统上的利用。Exploiting the win32k!xxxEnableWndSBArrows use-after-free (CVE 2015-0057) bug on both 32-bit and 64-bit(Aaron Adams of NCC )	https://github.com/highandhigh/CVE-2015-0057	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2015-0057

请登录查看更多情报信息。

https://www.exploit-db.com/exploits/39035/exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/72466vdb-entryx_refsource_BID
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-010vendor-advisoryx_refsource_MS
https://exchange.xforce.ibmcloud.com/vulnerabilities/100431vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2015-0057

Same Patch Batch · n/a · 2015-02-11 · 65 CVEs total

CVE-2015-0048		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0065		Microsoft Word OneTableDocumentStream 远程代码执行漏洞
CVE-2015-0068		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0067		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0066		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0053		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0052		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0051		Microsoft Internet Explorer ASLR 安全绕过漏洞
CVE-2015-0050		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0049		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0054		Microsoft Internet Explorer 特权提升漏洞
CVE-2015-0046		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0045		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0044		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0043		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0042		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0041		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0040		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0039		Microsoft Internet Explorer 内存损坏漏洞
CVE-2015-0038		Microsoft Internet Explorer 内存损坏漏洞

Showing top 20 of 65 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2015-0057

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2015-0057

I. Basic Information for CVE-2015-0057

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2015-0057

III. Intelligence Information for CVE-2015-0057

Same Patch Batch · n/a · 2015-02-11 · 65 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2015-0057

Leave a comment