CVE-2015-2508

Microsoft Windows 10 - Local Privilege Escalation via Adobe Type Manager Library

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-2508. PoCs published by Google Security Research.

AI-analyzed exploit summary The writeup details a local elevation of privilege (EoP) vulnerability in Windows 10 Build 10130, where the User Mode Font Driver (UMFD) process can be manipulated due to insufficient thread permissions. The analysis explains how arbitrary code execution can be achieved by redirecting thread execution to LoadLibraryW, leveraging environment variables or GDI heap strings.

Description

The Adobe Type Manager Library in Microsoft Windows 10 allows local users to gain privileges via a crafted application, aka "Font Driver Elevation of Privilege Vulnerability."

Exploits (1)

exploitdb WRITEUP VERIFIED

by Google Security Research · textlocalwindows

https://www.exploit-db.com/exploits/38198

View Code ZIP pw:eip

The writeup details a local elevation of privilege (EoP) vulnerability in Windows 10 Build 10130, where the User Mode Font Driver (UMFD) process can be manipulated due to insufficient thread permissions. The analysis explains how arbitrary code execution can be achieved by redirecting thread execution to LoadLibraryW, leveraging environment variables or GDI heap strings.

Classification

Writeup 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Theoretical

Target: Windows 10 Build 10130

No auth needed

Prerequisites: Access to a Windows 10 Build 10130 system · Ability to execute arbitrary code in a low-integrity process

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1055 - Process Injection

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1033485

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/76592

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/38198/

Scores

EPSS 0.0393

EPSS Percentile 89.0%

Details

CWE

CWE-264

Status published

Products (1)

microsoft/windows_10 (2 CPE variants)

Published Sep 09, 2015

Tracked Since Feb 18, 2026