42 matches found
Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
...
KLA48553 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface, cause denial of service, bypass security restrictions. Below is a complete list of...
Microsoft Windows Multiple Vulnerabilities (KB5021235)
This host is missing an important security update according to Microsoft KB5021235 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
CVE-2022-22049 Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
...
CVE-2022-22026
CVE-2022-22026 is a Windows CSRSS Elevation of Privilege vulnerability. The connected document confirms it as one of the CSRSS issues fixed during the July 2022 Patch Tuesday cycle, noting that two other CSRSS flaws (CVE-2022-22047 and CVE-2022-22049) were also fixed. The exact affected product s...
PT-2022-3591 · Microsoft · Windows Client Server Run-Time Subsystem +1
Name of the Vulnerable Software and Affected Versions: Windows Client Server Run-time Subsystem CSRSS affected versions not specified Description: The issue is related to insufficient access restrictions in the Client Server Run-time Subsystem CSRSS of the Windows operating system. It allows an...
Microsoft Windows CSRSS Security Feature Bypass Vulnerability
The Client-Server Run-time Subsystem CSRSS in Microsoft mismanages process tokens, which allows local users to gain privileges via a crafted application...
MS16-048: Security Update for CSRSS (3148528)
The remote Windows host is missing a security update. It is, therefore, affected by a security feature bypass vulnerability in the Client-Server Run-time Subsystem CSRSS due to improper management of process tokens in memory. A local attacker can exploit this vulnerability, via a specially crafte...
MS13-033: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2820917)
The Windows Client/Server Run-time Subsystem CSRSS on the remote host has a privilege escalation vulnerability due to an improper handling of objects in memory. An attacker who successfully exploits this vulnerability can execute arbitrary code in the context of the local system. The attacker cou...
MS Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2790113)
This host is missing an important security update according to Microsoft Bulletin MS13-019. OpenVAS Vulnerability Test $Id: secpodms13-019.nasl 5346 2017-02-19 08:43:11Z cfi $ MS Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability 2790113 Authors: Antu Sanadi Copyright:...
Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2790113)
This host is missing an important security update according to Microsoft Bulletin MS13-019. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Privilege escalation
Csrsrv.dll in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process...
Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2620712)
This host is missing an important security update according to Microsoft Bulletin MS11-097. OpenVAS Vulnerability Test $Id: secpodms11-097.nasl 5362 2017-02-20 12:46:39Z cfi $ Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability 2620712 Authors: Rachana Shetty Copyright:...
Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2567680)
This host is missing a critical security update according to Microsoft Bulletin MS11-063. OpenVAS Vulnerability Test $Id: secpodms11-063.nasl 8724 2018-02-08 15:02:56Z cfischer $ Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability 2567680 Authors: Antu Sanadi...
Integer overflow
Integer overflow in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cau...
Null pointer dereference
The Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly initialize memory and consequently uses a NULL...
CVE-2011-1283
The CVE-2011-1283 entry concerns the Windows CSRSS component in the Win32 subsystem. The vulnerability arises from an array index check flaw in SrvSetConsoleNumberOfCommand, allowing a local attacker to cause memory corruption and elevate privileges by triggering an incorrect memory assignment fo...
CVE-2011-1281
The Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly restrict the number of console objects for a...
Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2476687)
This host is missing a critical security update according to Microsoft Bulletin MS11-010. OpenVAS Vulnerability Test $Id: secpodms11-010.nasl 5362 2017-02-20 12:46:39Z cfi $ Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability 2476687 Authors: Sooraj KS Copyright: Copyright ...
CVE-2007-1209
Use-after-free vulnerability in the Client/Server Run-time Subsystem CSRSS in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a...