# CVE-2019-0803
Win32k Elevation of Privilege Poc

Reference
-----------------------------
(steal Security token) https://github.com/mwrlabs/CVE-2016-7255


EDB Note: Download ~ https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46920.zip

exploitpack 3

packetstorm 4

checkpoint_advisories 2

symantec 2

zdt 5

myhack58 4

fireeye 4

prion 4

seebug 1

thn 3

attackerkb 4

cve 4

mscve 2

cisa_kev 2

canvas 2

exploitdb 2

metasploit 1

mskb 25

githubexploit 1

mmpc 1

krebs 1

openvas 10

nessus 11

securelist 1

googleprojectzero 2

threatpost 2

qualysblog 3

wallarmlab 1

kaspersky 4

ics 1

talosblog 1

exploitpack

Microsoft Windows - Win32k Local Privilege Escalation

2019-05-15 00:00:00

Microsoft Windows Kernel - win32k.sys NtSetWindowLongPtr Local Privilege Escalation (MS16-135) (2)

2017-01-08 00:00:00

Microsoft Windows Kernel - win32k Denial of Service (MS16-135)

2016-11-09 00:00:00

packetstorm

Microsoft Windows kernel win32k Denial Of Service

2016-11-14 00:00:00

Microsoft Windows Kernel win32k.sys NtSetWindowLongPtr Privilege Escalation

2017-01-12 00:00:00

Win32k ConsoleControl Offset Confusion

2021-03-19 00:00:00

checkpoint_advisories

Microsoft Windows Win32k Elevation of Privilege (MS16-135: CVE-2016-7255)

2016-11-08 00:00:00

Microsoft Windows GDI Elevation of Privilege (CVE-2019-0803)

2019-04-09 00:00:00

symantec

Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7255 Local Privilege Escalation Vulnerability

2016-11-08 00:00:00

Microsoft Windows Kernel 'Win32k.sys' CVE-2019-0803 Local Privilege Escalation Vulnerability

2019-04-09 00:00:00

zdt

Microsoft Windows Kernel - win32k.sys NtSetWindowLongPtr Privilege Escalation (MS16-135) (2)

2017-01-11 00:00:00

Microsoft Windows Kernel - win32k Denial of Service (MS16-135) Exploit

2016-11-10 00:00:00

Microsoft Windows Kernel win32k.sys - 'NtSetWindowLongPtr' Privilege Escalation (MS16-13

2016-11-24 00:00:00

myhack58

“cerber”blackmailer for CVE-2016-7255 exploit analysis-exploit warning-the black bar safety net

2017-03-23 00:00:00

CVE-2016-7255: analysis of Mining the Windows kernel to mention the right vulnerability-vulnerability warning-the black bar safety net

2016-12-31 00:00:00

For the APT organization to use the EPS vulnerabilities in and mention the right vulnerability analysis-vulnerability warning-the black bar safety net

2017-05-17 00:00:00

fireeye

Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations

2017-05-14 18:00:00

Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations

2017-05-14 18:00:00

EPS Processing Zero-Days Exploited by Multiple Threat Actors

2017-05-09 13:00:00

prion

Privilege escalation

2016-11-10 07:00:00

Privilege escalation

2019-04-09 21:29:00

Privilege escalation

2019-04-09 21:29:00

seebug

Win32k elevation of privilege vulnerability MS16-135）(CVE-2016-7255)

2016-11-10 00:00:00

thn

Microsoft Patches Windows Zero-Day Flaw Disclosed by Google

2016-11-09 06:12:00

Researchers Fingerprint Exploit Developers Who Help Several Malware Authors

2020-10-02 09:59:00

Microsoft Releases April 2019 Security Updates — Two Flaws Under Active Attack

2019-04-09 18:01:00

attackerkb

CVE-2016-7255

2016-11-10 00:00:00

CVE-2019-0685

2019-04-09 00:00:00

CVE-2019-0859

2019-04-09 00:00:00

cve

CVE-2016-7255

2016-11-10 07:00:00

CVE-2019-0685

2019-04-09 21:29:00

CVE-2019-0859

2019-04-09 21:29:00

mscve

Win32k Elevation of Privilege Vulnerability

2016-11-08 08:00:00

Win32k Elevation of Privilege Vulnerability

2019-04-09 07:00:00

cisa_kev

Microsoft Win32k Privilege Escalation Vulnerability

2021-11-03 00:00:00

Microsoft Win32k Privilege Escalation Vulnerability

2021-11-03 00:00:00

canvas

Immunity Canvas: DDE_CLOSEHANDLE_LPE

2019-04-09 21:29:00

Immunity Canvas: MS16_135

2016-11-10 02:00:09

exploitdb

Microsoft Windows Kernel - 'win32k.sys NtSetWindowLongPtr' Local Privilege Escalation (MS16-135) (2)

2017-01-08 00:00:00

Microsoft Windows Kernel - 'win32k' Denial of Service (MS16-135)

2016-11-09 00:00:00

metasploit

Win32k ConsoleControl Offset Confusion

2022-02-18 20:23:38

mskb

MS16-135: Description of the security update for Windows kernel-mode drivers: November 8, 2016

2016-11-08 08:00:00

MS16-135: Security update for Windows kernel-mode drivers: November 8, 2016

2016-11-08 00:00:00

November 2016 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1

2016-11-08 08:00:00

githubexploit

Exploit for Out-of-bounds Write in Microsoft

2020-07-19 08:20:57

mmpc

Hardening Windows 10 with zero-day exploit mitigations

2017-01-13 21:28:49

krebs

Patch Tuesday Lowdown, April 2019 Edition

2019-04-10 00:07:33

openvas

Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (3199135)

2016-11-09 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB4493451)

2019-04-10 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB4493472)

2019-04-10 00:00:00

nessus

MS16-135: Security Update for Windows Kernel-Mode Drivers (3199135)

2016-11-08 00:00:00

KB4493458: Windows Server 2008 April 2019 Security Update

2019-04-09 00:00:00

KB4493448: Windows 7 and Windows Server 2008 R2 April 2019 Security Update

2019-04-09 00:00:00

securelist

The zero-day exploits of Operation WizardOpium

2020-05-28 10:00:09

googleprojectzero

TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln

2020-04-02 00:00:00

Detection Deficit: A Year in Review of 0-days Used In-The-Wild in 2019

2020-07-29 00:00:00

threatpost

Microsoft Patches Zero Day Disclosed by Google

2016-11-08 14:57:26

Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks

2020-10-21 20:31:17

qualysblog

April 2019 Patch Tuesday – 74 Vulns, 16 Critical, 2 Actively Attacked, 1 PoC Exploit, Adobe Vulns

2019-04-09 18:50:54

NSA Alert: Chinese State-Sponsored Actors Exploit Known Vulnerabilities

2020-10-22 23:10:29

Managing CISA Known Exploited Vulnerabilities with Qualys VMDR

2022-02-23 05:39:00

wallarmlab

Weekly exploit digest – March, 15-21 – VMware View Planner, Win32k ConsoleControl, Microsoft Windows Containers DP API

2021-03-21 13:09:00

kaspersky

KLA11832 Multiple vulnerabilities in Microsoft Products (ESU)

2016-11-08 00:00:00

KLA10897 Multiple vulnerabilities in Microsoft Windows

2016-11-08 00:00:00

KLA11875 Multiple vulnerabilities in Microsoft Products (ESU)

2019-04-09 00:00:00

ics

Potential for China Cyber Response to Heightened U.S.–China Tensions

2020-10-20 12:00:00

talosblog

Microsoft Patch Tuesday — April 2019: Vulnerability disclosures and Snort coverage

2019-04-09 11:10:02

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

78.8%

JSON

Related for EDB-ID:46920

Microsoft Windows - &#039;Win32k&#039; Local Privilege Escalation

Related

Microsoft Windows - 'Win32k' Local Privilege Escalation