Vulnerability Description
Unquoted Windows search path vulnerability in the Smart Maximize Helper (nvSmartMaxApp.exe) in the Control Panel in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to gain privileges via a Trojan horse application, as demonstrated by C:\Program.exe.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Gpu Driver | >= 340, < 341.92 |
| Microsoft | Windows | All versions |
References
- http://nvidia.custhelp.com/app/answers/detail/a_id/3806/kw/securityVendor Advisory
- http://www.securitytracker.com/id/1034175Third Party AdvisoryVDB Entry
- https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c0Third Party Advisory
- http://nvidia.custhelp.com/app/answers/detail/a_id/3806/kw/securityVendor Advisory
- http://www.securitytracker.com/id/1034175Third Party AdvisoryVDB Entry
- https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c0Third Party Advisory
FAQ
What is CVE-2015-7866?
CVE-2015-7866 is a vulnerability with a CVSS score of 7.2 (HIGH). Unquoted Windows search path vulnerability in the Smart Maximize Helper (nvSmartMaxApp.exe) in the Control Panel in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 befo...
How severe is CVE-2015-7866?
CVE-2015-7866 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-7866?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Gpu Driver, Microsoft Windows.