{"cve":{"cve_id":"CVE-2015-1635","is_kev":true,"kev_date_added":"2022-02-10","kev_vendor_project":"Microsoft","kev_product":"HTTP.sys","kev_vulnerability_name":"Microsoft HTTP.sys Remote Code Execution Vulnerability","kev_short_description":"Microsoft HTTP protocol stack (HTTP.sys) contains a vulnerability that allows for remote code execution.","kev_required_action":"Apply updates per vendor instructions.","kev_due_date":"2022-08-10","kev_known_ransomware":false,"kev_notes":"https://nvd.nist.gov/vuln/detail/CVE-2015-1635","kev_cwes":["CWE-94"],"epss_score":0.99999,"epss_percentile":0.99998,"epss_as_of":"2026-06-23","description":"HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka \"HTTP.sys Remote Code Execution Vulnerability.\"","published_at":"2015-04-14T20:00:00Z","last_modified_at":null,"cvss_v3_score":9.8,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss_v3_severity":"CRITICAL","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"active","ssvc_automatable":true,"ssvc_technical_impact":"total","cwes":["CWE-94"],"nvd_references":["https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-034","https://www.exploit-db.com/exploits/36773/","http://www.osvdb.org/120629","http://www.securitytracker.com/id/1032109","http://www.securityfocus.com/bid/74013","https://www.exploit-db.com/exploits/36776/","http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-Concept.html"],"vuln_status":null,"trending_score":0.6099982,"is_trending":true,"has_trended":true,"trended_number_one":false,"trending_peak_score":0.6099982,"trending_peak_rank":34,"started_trending_at":"2026-06-29T02:30:27.366045Z","trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:31.350578Z","updated_at":"2026-06-29T02:30:27.550645Z"},"effective_severity":"CRITICAL","badges":["kev","poc","trending","epss"],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[],"exploit_refs":[{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2015/CVE-2015-1635.yaml","title":"Microsoft Windows 'HTTP.sys' - Remote Code Execution","author":"Phillipo","disclosed_at":null}],"news":[],"references":[{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-034","source_type":"MISC","tags":[]},{"url":"https://www.exploit-db.com/exploits/36773/","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://www.osvdb.org/120629","source_type":"MISC","tags":[]},{"url":"http://www.securitytracker.com/id/1032109","source_type":"MISC","tags":[]},{"url":"http://www.securityfocus.com/bid/74013","source_type":"MISC","tags":[]},{"url":"https://www.exploit-db.com/exploits/36776/","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/131463/Microsoft-Windows-HTTP.sys-Proof-Of-Concept.html","source_type":"EXPLOIT","tags":["exploit"]}],"timeline":[{"type":"published","at":"2015-04-14T20:00:00Z","label":"CVE published","source":null},{"type":"cisa_reported","at":"2022-02-10T00:00:00Z","label":"Added to CISA KEV catalog","source":"kev"},{"type":"poc_available","at":"2026-06-24T00:29:48.638073Z","label":"Public PoC available","source":"nuclei"},{"type":"ssvc_changed","at":"2026-06-24T00:31:01.449015Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-24T00:31:01.449015Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-24T00:31:01.449015Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:01.449015Z","label":"CVSS score revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:01.449015Z","label":"CVSS score revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:01.449015Z","label":"CVSS score revised","source":"vulnrichment"},{"type":"started_trending","at":"2026-06-29T02:30:27.366045Z","label":"Started trending","source":null}]}