Found an old vulnerability NtUserQueryUserCounters-vulnerability warning-the black bar safety net

2014-11-23T00:00:00
ID MYHACK58:62201456111
Type myhack58
Reporter 佚名
Modified 2014-11-23T00:00:00

Description

NtUserQueryUserCounters()now only win2k and winxp support, there is an overflow, but winxp has been patched, don't know win2k the last version of the patch no, but my virtual machine is not patched, since win2k has no support, it is possible to win2k without patches.

The pseudo-code is as follows:

NtUserQueryUserCounters(

IN DWORD QueryType,

IN LPVOID pIn,

IN DWORD InSize,

OUT LPVOID Result,

IN DWORD OutSize)

{

if (QueryType == QUERY_USER_HANDLES)

[1] [2] [3] [4] next