What is CVE-2015-6125?

CVE-2015-6125 is a vulnerability in Microsoft Windows_server_2008. Published 2015-12-09.

Is CVE-2015-6125 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Windows_server_2008

CVE-2015-6125

Use-after-free vulnerability in the DNS server in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Use After Free Vulnerabilit…

EPSS: 0.592 (98.3th percentile) — read the EPSS interpretation.

Affected products

Microsoft Windows_server_2008 — versions r2
Microsoft Windows_server_2012 — versions r2
N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

1034323 (vdb-entry, x_refsource_SECTRACK)
MS15-127 (x_refsource_MS, vendor-advisory)

Frequently asked questions

What is CVE-2015-6125?: CVE-2015-6125 is a vulnerability in Microsoft Windows_server_2008. Published 2015-12-09.
Is CVE-2015-6125 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.