CVE-2015-6125

Use-after-free vulnerability in the DNS server in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Use After Free Vulnerability."

Published: Dec 9, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-6125
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / windows_server_2012	-	-
microsoft / windows_server_2008	--sp2	--sp2.x
microsoft / windows_server_2008	r2-sp1	r2-sp1.x
microsoft / windows_server_2012	r2	r2.x

http://www.securitytracker.com/id/1034323
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-127

Vulnerability Database

289,571

CVE-2015-6125