VDB

GSD-2015-1635

GSD-2015-1635 PUBLISHED CVSS 9.800000190734863 CRITICAL

HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
n/an/an/a

Timeline

  • Apr 14, 2015 CVE Published
  • May 14, 2016 PoC Published
  • Nov 23, 2016 PoC Published
  • May 29, 2018 PoC Published
  • Jun 14, 2023 PoC Published
  • Dec 24, 2024 PoC Published
  • Feb 6, 2025 PoC Published
  • Feb 23, 2025 PoC Published
  • Feb 23, 2025 PoC Published
  • Feb 2, 2026 PoC Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›