CVE-2015-6112
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2015-6112
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 lacks the required extended master-secret binding support to ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack," aka "Schannel TLS Triple Handshake Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Windows Schannel TLS三次握手漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。Microsoft Schannel(全称Secure Channel,安全通道)是其中的一个安全支持提供程序(SSP),它可实现安全套接字层(SSL)和传输层安全(TLS) Internet标准身份验证协议,并提供身份验证服务以便在客户端和服务器之间提供安全的通信。 Microsoft Windows的Schannel中存在欺骗漏洞,该漏洞源于TLS协议的支持版本中存在缺陷。攻击者可利用该漏洞实施中间人攻击,在任
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2015-6112
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2015-6112
请登录查看更多情报信息。
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-121vendor-advisoryx_refsource_MS
- https://nvd.nist.gov/vuln/detail/CVE-2015-6112
Same Patch Batch · n/a · 2015-11-11 · 67 CVEs total
| CVE-2015-6104 | Microsoft Windows图形内存远程执行代码漏洞 | |
| CVE-2015-8042 | 多款Adobe产品释放后重用漏洞 | |
| CVE-2015-7663 | 多款Adobe产品释放后重用漏洞 | |
| CVE-2015-7662 | 多款Adobe产品安全漏洞 | |
| CVE-2015-7651 | 多款Adobe产品任意代码执行漏洞 | |
| CVE-2015-6123 | Microsoft Outlook for Mac 欺骗漏洞 | |
| CVE-2015-6115 | Microsoft .NET ASLR绕过漏洞 | |
| CVE-2015-6113 | Microsoft Windows内核安全功能绕过漏洞 | |
| CVE-2015-6111 | Microsoft Windows IPSec 拒绝服务漏洞 | |
| CVE-2015-6109 | Microsoft Windows内核内存信息泄漏漏洞 | |
| CVE-2015-7652 | 多款Adobe产品释放后重用漏洞 | |
| CVE-2015-6103 | Microsoft Windows图形内存远程执行代码漏洞 | |
| CVE-2015-6102 | Microsoft Windows内核内存信息泄漏漏洞 | |
| CVE-2015-6101 | Microsoft Windows内核内存特权提升漏洞 | |
| CVE-2015-6100 | Microsoft Windows内核内存特权提升漏洞 | |
| CVE-2015-6099 | Microsoft .NET 跨站脚本漏洞 | |
| CVE-2015-6098 | Microsoft Windows NDIS 特权提升漏洞 | |
| CVE-2015-6097 | Microsoft Windows日记本堆溢出漏洞 | |
| CVE-2015-6096 | Microsoft .NET 信息泄露漏洞 | |
| CVE-2015-6095 | Microsoft Windows Kerberos 安全功能绕过漏洞 |
Showing top 20 of 67 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2015-6112
No comments yet