CVE-2015-2369

medium

Published 2015-07-14 · Modified 2026-05-06

CVSS v3

—

CVSS v2

6.9

VIR risk

6.9

Description

Untrusted search path vulnerability in Windows Media Device Manager in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rtf file, aka "DLL Planting Remote Code Execution Vulnerability."

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

OS impact

OS	Version	Status
windows	-	affected
windows		affected
windows	r2	affected

References

http://www.securitytracker.com/id/1032898
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-069
http://www.securitytracker.com/id/1032898
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-069

Verify integrity in audit chain (admin only). AS-IS.