The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6173 and CVE-2015-6174.
Vector
LOCAL
Complexity
LOW
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Microsoft Windows Vista Service Pack 2
Microsoft Windows server 2012 R2 (not an official CPE)
Microsoft Windows Server 2012
Microsoft Windows server 2008 R2 Sp1 ~~~~x64~ (not an official CPE)
Microsoft Windows Server 2008 Service Pack 2
Microsoft Windows server 2008 R2 Sp1 ~~~~itanium~ (not an official CPE)
Microsoft Windows RT 8.1
Microsoft Windows RT
Microsoft Windows 8.1 - (not an official CPE)
Microsoft Windows 8 - (not an official CPE)
Microsoft Windows 7 - Sp1 (not an official CPE)
Microsoft Windows 10 - (not an official CPE)
Microsoft Windows 10 1511 (not an official CPE)
KB3109094 | MS15-135 - Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege
KB3116869 | MS15-135 - Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege
KB3116900 | MS15-135 - Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege
Permissions, Privileges, and Access Controls (ID 264)
Related CAPEC 6
Accessing, Modifying or Executing Executable Files (CAPEC-ID 17)
Leverage Executable Code in Non-Executable Files (CAPEC-ID 35)
Blue Boxing (CAPEC-ID 5)
Restful Privilege Elevation (CAPEC-ID 58)
Target Programs with Elevated Privileges (CAPEC-ID 69)
Manipulating Input to File System Calls (CAPEC-ID 76)