NVIDIA 3D Driver Privilege Escalation Vulnerability (CVE-2015-7865)
NVIDIA 3D Driver Privilege Escalation Vulnerability (CVE-2015-7865)
Release date:
Updated on:
Affected Systems:
Nvidia gpu Graphics Driver R358-358.87
Nvidia gpu Graphics Driver R352-354.35
Nvidia gpu Graphics Driver R340-341.92
Description:
CVE (CAN) ID: CVE-2015-7865
Nvidia is the world's leading manufacturer of graphics processing chips and graphics cards.
Nvidia gpu graphics Driver R340-341.92, R352-354.35, R358-358.87 version of Stereoscopic 3D Driver service, nvscpapisvr.exe does not properly restrict access to the stereosvrpipe named pipe, local users execute arbitrary command lines through constructed run key entries, you can obtain elevated permissions.
<* Source: James Forshaw
*>
Suggestion:
Vendor patch:
NVIDIA
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://nvidia.custhelp.com/app/answers/detail/a_id/3807/kw/security
This article permanently updates the link address: