Windows operating system vulnerability that allows an attacker to elevate privileges
An elevation-of-privilege vulnerability exists in the NDProxy component of the Windows kernel, due to improper validation of input data passed from user mode to the kernel. This vulnerability enables a malicious individual to execute code in kernel mode. Exploiting this vulnerability...
Windows operating system vulnerability that allows privilege escalation
The privilege-escalation vulnerability is related to the improper use of the Windows kernel-mode driver’s window descriptors for objects in memory that belong to the thread. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with elevated...
Windows operating system vulnerability that allows an attacker to elevate privileges
A vulnerability in the Windows operating system’s kernel-mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to elevate their privileges through a specially crafted application...
A year of Windows kernel font fuzzing #2: the techniques
Posted by Mateusz Jurczyk of Google Project Zero. In part 1 of the series (see here), we discussed the motivation and outcomes of our year-long fuzzing effort against the Windows kernel font engine, followed by an analysis of two bug collisions with Keen Team and Hacking Team that ensued as a result...
A year of Windows kernel font fuzzing #1: the results
Posted by Mateusz Jurczyk of Google Project Zero. This post series is about how we used at-scale fuzzing to discover and report a total of 16 vulnerabilities in the handling of TrueType and OpenType fonts in the Windows kernel during the last year. In part 1 here, we present a general overview of...
Microsoft Windows Kernel - ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)
Microsoft Windows Kernel - ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074). Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver (ATMFD.DLL), responsible for handling PostScript and OpenType fonts in the Windows kernel, provides a channel of...
Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)
Exploit for Windows platform in category dos / poc. Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver (ATMFD.DLL), responsible for handling PostScript and OpenType fonts in the Windows kernel, provides a channel of communication with user-mode...
CVE-2016-3221
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege...
CVE-2016-3219
The kernel-mode driver in Microsoft Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."...
CVE-2016-3218
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege...
Windows operating system vulnerability that allows an attacker to obtain confidential information about the addresses of kernel objects and bypass the KASLR security mechanisms
A vulnerability in the Windows operating system’s kernel-mode drivers is related to the lack of protection for privileged data. Exploiting this vulnerability can allow an attacker, operating locally, to obtain confidential information about kernel object addresses and bypass the KASLR protection...
Windows operating system vulnerability that allows an attacker to elevate privileges
A vulnerability in the Windows operating system’s kernel-mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a local attacker to elevate their privileges through a specially crafted application...
Windows operating system vulnerability that allows an attacker to elevate privileges
A vulnerability in the Windows operating system’s kernel-mode driver is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating locally, to elevate their privileges through a specially crafted application...
Windows operating system vulnerability that allows an attacker to elevate privileges
A vulnerability in the Windows operating system’s kernel-mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to elevate their privileges through a specially crafted application...
Windows operating system vulnerability that allows an attacker to elevate privileges
A vulnerability in the Windows operating system’s kernel-mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to elevate their privileges through a specially crafted application...
Microsoft Windows Win32k Elevation of Privilege Vulnerability (CNVD-2016-03105)
Microsoft Windows is a series of operating systems released by Microsoft (USA). win32k.sys is the kernel part of the Windows subsystem, a kernel-mode device driver that contains the window manager, background control windows and screen output management. An elevation of privilege vulnerability exis...
CVE-2016-0196
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege...
CVE-2016-0180
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles symbolic links, which allows local users to gain privileges via a crafted application, aka "Windows...
CVE-2016-0174
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege...
Microsoft Windows Win32k Information Leakage Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. A security feature bypass vulnerability exists in the Microsoft Windows kernel. A local attacker can exploit this vulnerability to retrieve the memory address of a kernel object, resulting in a kernel...