Microsoft Windows Kernel - win32k.sys NtSetWindowLongPtr Local Privilege Escalation (MS16-135) (1)
Microsoft Windows Kernel - win32k.sys NtSetWindowLongPtr Local Privilege Escalation (MS16-135) (1) Complete Proof of Concept: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/40823.zip Presentation:...
Microsoft Windows Kernel - Registry Hive Loading 'nt!RtlEqualSid' Out-of-Bounds Read (MS
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=874 We have encountered a Windows kernel crash in the nt!RtlEqualSid function invoked through nt!SeAccessCheck by nt!CmpCheckSecurityCellAccess while loading corrupted registry hiv...
Microsoft Windows Kernel - Registry Hive Loading nt!RtlEqualSid Out-of-Bounds Read (MS16-138)
Microsoft Windows Kernel - Registry Hive Loading nt!RtlEqualSid Out-of-Bounds Read (MS16-138) Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=874 We have encountered a Windows kernel crash in the nt!RtlEqualSid function invoked through nt!SeAccessCheck by...
CVE-2016-7218
Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information via a...
CVE-2016-7216
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandles permissions, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability."...
CVE-2016-7215
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka...
CVE-2016-7214
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to bypass the ASLR protection mechanism via a crafted...
CVE-2016-7255
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka...
Microsoft Windows Kernel - win32k Denial of Service (MS16-135) Exploit
Exploit for windows platform in category dos / poc Source: https://github.com/tinysec/public/tree/master/CVE-2016-7255 Full Proof of Concept: https://github.com/tinysec/public/tree/master/CVE-2016-7255 https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40745.z...
Microsoft Win32k Information Leakage Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. An information disclosure vulnerability exists in the Microsoft Windows kernel. An attacker exploits the vulnerability to retrieve the memory address of a kernel object...
Microsoft Win32k Elevation of Privilege Vulnerability (CNVD-2016-10937)
Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in the kernel mode driver for Microsoft Windows. An attacker could exploit this vulnerability to run arbitrary code in kernel mode...
Microsoft Windows Kernel - 'win32k' Denial of Service (MS16-135)
Source: https://github.com/tinysec/public/tree/master/CVE-2016-7255 Full Proof of Concept: https://github.com/tinysec/public/tree/master/CVE-2016-7255 https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40745.zip Created: 2016-11-09 14:23:09 Filename: main.c Author:...
Microsoft Win32k Elevation of Privilege Vulnerability (CNVD-2016-10936)
Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in the kernel mode driver for Microsoft Windows. An attacker could exploit this vulnerability to run arbitrary code in kernel mode...
Microsoft Windows Kernel Local Privilege Elevation Vulnerability (CNVD-2016-11012)
Microsoft Windows is a series of operating systems released by Microsoft Corporation in the United States. The kernel is one of its components. A local elevation of privilege vulnerability exists in the Microsoft Windows kernel. Due to a failure of the kernel API to properly handle privileges, a local...
Microsoft Patches Zero Day Disclosed by Google
Microsoft followed through and today patched a zero-day vulnerability being exploited in public attacks that was disclosed by Google researchers nine days ago. The victims have yet to be identified, but Microsoft did accuse the Sofacy APT gang of carrying out the attacks. Sofacy is general...
Adobe Patches Nine Code Execution Flaws in Flash Player
Two weeks after rushing out an emergency patch for a zero-day vulnerability, Adobe today released another Flash Player security update. The new release patched nine vulnerabilities, all of which expose the host system to remote code execution. Adobe said it is not aware of public exploits against...
November 2016 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1
November 2016 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1 Summary This security update includes improvements and fixes from update 3192403. To learn more about the non-security improvements and fixes in this update, see the October 18, 2016 — KB3192403 Previe...
MS16-135: Description of the security update for Windows kernel-mode drivers: November 8, 2016
MS16-135: Description of the security update for Windows kernel-mode drivers: November 8, 2016 Summary This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and run...
Win32k Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...
Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a...