ByteOS Network

NVD Vulnerability Details :

CVE-2015-0098

Deferred

Source-secure@microsoft.com

Published At-14 Apr, 2015 | 20:59

Updated At-12 Apr, 2025 | 10:46

Task Scheduler in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges by triggering application execution by an invalid task, aka "Task Scheduler Elevation of Privilege Vulnerability."

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C

Type: Primary

Version: 2.0

Base score: 7.2

Base severity: HIGH

Vector:

AV:L/AC:L/Au:N/C:C/I:C/A:C

CPE Matches

Microsoft Corporation

>>windows_7>>*

cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*

Microsoft Corporation

>>windows_7>>*

cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*

Microsoft Corporation

>>windows_server_2008>>r2

cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-264	Primary	nvd@nist.gov
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: CWE-264

Type: Primary

Source: nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

Evaluator Description

CWE-701: Weaknesses Introduced During Design

References

Hyperlink	Source	Resource
http://www.securitytracker.com/id/1032112	secure@microsoft.com	N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-037	secure@microsoft.com	N/A
http://www.securitytracker.com/id/1032112	af854a3a-2127-422b-91ae-364da2661108	N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-037	af854a3a-2127-422b-91ae-364da2661108	N/A