99 matches found
Microsoft Windows Kernel - Use-After-Free with Cursor Object (MS15-097)
Source: https://code.google.com/p/google-security-research/issues/detail?id=457 --- The attached testcase crashes Win 7 with Special Pool enabled while accessing the freed global cursor object gpqCursor. See poc.cpp for instructions on how to compile and run. Proof of Concept:...
Microsoft Windows Kernel - 'NtGdiStretchBlt' Pool Buffer Overflow (MS15-097)
Source: https://code.google.com/p/google-security-research/issues/detail?id=415 --- Tested on Win 7 32-bit with Special Pool enabled. Multiple pool buffer overflows can be triggered through the NtGdiStretchBlt system call. The attached PoC demonstrates a write overflow and another read over flow...
Microsoft Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097)
Microsoft Windows Kernel - bGetRealizedBrush Use-After-Free MS15-097 Source: https://code.google.com/p/google-security-research/issues/detail?id=458 --- The attached testcase crashes Win 7 with Special Pool on win32k while accessing freed memory in bGetRealizedBrush. --- Proof of Concept:...
Microsoft Windows Kernel Mode Driver Elevation of Privilege Vulnerability
Microsoft Windows Kernel Mode Driver is a monitor driver. An elevation of privilege vulnerability exists in Microsoft Windows Kernel Mode Driver, which can be exploited by an attacker to elevate privileges and execute arbitrary code...
Privilege escalation
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial of service...
Microsoft Windows Kernel Privilege Escalation Vulnerabilities (2930275)
This host is missing an important security update according to Microsoft Bulletin MS14-015 OpenVAS Vulnerability Test $Id: gbms14-015.nasl 6724 2017-07-14 09:57:17Z teissa $ Microsoft Windows Kernel Privilege Escalation Vulnerabilities 2930275 Authors: Antu Sanadi Copyright: Copyright C 2014...
KB2914486: Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege
The remote host has an unspecified privilege elevation vulnerability in NDProxy.sys, a system-provided communications driver. Successful exploitation of this vulnerability could allow an attacker to run arbitrary code in kernel mode. Additionally, the attacker could view, change or even delete...
Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2859537)
This host is missing an important security update according to Microsoft Bulletin MS13-063. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows kernel UDP processing integer overflow
Integer overflow leads to code execution via the flow of UDP packets to closed port...
Microsoft Windows Kernel win32k.sys DragObject Code Execution (MS11-034; CVE-2011-1238)
The Windows kernel is the core of the operating system. It provides system-level services such as device management and memory management, allocates processor time to processes, and manages error handling. An elevation of privilege vulnerability has been reported in the Windows kernel. The...
VUPEN Security Research - Microsoft Windows Kernel "GetDCEx()" Memory Corruption Vulnerability (CVE-2010-0484)
VUPEN Security Research - Microsoft Windows Kernel "GetDCEx" Memory Corruption Vulnerability CVE-2010-0484 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Microsoft Windows is the operating system developed by Microsoft. As of May 2010, Windows was the most widely...
Microsoft Windows Kernel Input Validation Remote Code Execution (MS09-006; CVE-2009-0081)
The Windows kernel is the core of the operating system. It provides system level services, allocates processor time to processes, and manages error handling. A remote code execution vulnerability has been discovered in the Windows kernel.The vulnerability is due to an error in the Windows kernel...
MS08-061: Microsoft Windows Kernel Multiple Privilege Elevation (954211)
The remote host contains a version of the Windows kernel that is vulnerable to a security flaw that could allow a local user to elevate his privileges or to crash it therefore causing a denial of service. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid34406;...
[W02-1008] GearSoftware Powered Products Local Privilege Escalation (Microsoft Windows Kernel IopfCompleteRequest Integer Overflow)
HTML FORMATED Advisory http://www.wintercore.com/advisories/advisoryW021008.html TEXT VERSION GearSoftware Powered Products Local Privilege Escalation + GEARASpiWDM.sys Insecure Method + Microsoft Windows Kernel IopfCompleteRequest Integer Overflow :: Summary 1. Background 2. Non-technical...
Microsoft Windows Kernel vulnerable to privilege escalation
Overview The Microsoft Windows Kernel contains a privilege escalation vulnerability that may allow a local attacker to take control of the system. Description The Microsoft Windows Kernel fails to properly set permissions when mapping to a memory segment. By running a specially crafted applicatio...
Microsoft Windows kernel vulnerable to denial-of-service condition via animated cursor (.ani) rate number
Overview A vulnerability exists in the way the Microsoft Windows kernel processes animated cursor .ani files with a rate number set to zero. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Description A vulnerability exists in the way the...
Microsoft Windows Kernel ANI File Parsing Crash and DOS Vulnerability
Security Advisory Advisory: ADLAB-04005Microsoft Windows Kernel ANI File Parsing Crash and Dos Vulnerability Class: Design Error DATE:12/20/2004 Remote: Yes Vulnerable: Windows NT Windows 2000 SP0 Windows 2000 SP1 Windows 2000 SP2 Windows 2000 SP3 Windows 2000 SP4 Windows XP SP0 Windows XP SP1...
Microsoft Windows Kernel Virtual DOS Machine Privilege Escalation Vulnerability
Description Microsoft Windows Kernel Virtual DOS Machine is reported prone to a local privilege-escalation vulnerability. The Microsoft Virtual DOS Machine VDM is a protected environment that emulates MS-DOS on Windows NT-based operating systems. This issue is caused by an access-validation error...
Security Update for Windows 2000 (KB920958)
A security issue has been identified in the Windows Kernel that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer...