McAfee Data Loss Prevention Endpoint Elevation of Privilege Vulnerability

McAfee Network Data Loss Prevention monitors network traffic and protects against data loss. An elevation of privilege vulnerability exists in McAfee Data Loss Prevention Endpoint, which could allow a remote attacker to obtain elevation of privilege by sending carefully constructed commands to th...

Microsoft Windows Kernel 'mrxdav.sys' Local Elevation of Privilege Vulnerability

Microsoft Windows is a family of operating systems from Microsoft. The Microsoft WebDAV kernel mode driver mrxdav.sys incorrectly checksums and enforces the emulation level, allowing an attacker to bypass emulation level security and elevate privileges, which can intercept WebDAV file requests, a...

Windows TrackPopupMenu Win32k NULL Pointer Dereference Exploit

This Metasploit module exploits a NULL Pointer Dereference in win32k.sys, the vulnerability can be triggered through the use of TrackPopupMenu. Under special conditions, the NULL pointer dereference can be abused on xxxSendMessageTimeout to achieve arbitrary code execution. This Metasploit module...

Firms Detail Zero Days Targeting Windows Kernel

After they were patched in yesterday’s round of Patch Tuesday security bulletins, security firms have begun to peel back the layers on two zero-day vulnerabilities that are being used in limited, targeted attacks against Microsoft’s Windows Kernel. According to FireEye, one of the firms that...

Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/local/windowskernel' require 'rex' class Metasploit3 'Microsoft Bluetooth Personal Area Networking BthPan.sys Privilege...

VulnCheck KEV: CVE-2014-4148

A remote code execution vulnerability exists when the Windows kernel-mode driver improperly handles TrueType fonts...

Microsoft Windows Kernel-Mode Drivers Privilege Escalation Vulnerabilities (2984615)

This host is missing an important security update according to Microsoft Bulletin MS14-045. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Kaseya's agent driver contains NULL pointer dereference

Overview Kaseya's agent driver, kapfa.sys, is vulnerable to a NULL pointer dereference. Description CWE-476: NULL Pointer Dereference Kaseya's agent driver, kapfa.sys, is vulnerable to a NULL pointer dereference. --- Impact A local authenticated attacker may be able to cause a denial-of-service...

Windows Kernel win32k.sys - Integer Overflow (MS13-101)

No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Divide Error in Windows Kernel 1. Advisory Information Title: Divide Error in Windows Kernel Advisory ID: CORE-2013-0807 Advisory URL:...

Kerio Personal Firewall 2.1.x/4.x Local Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11859/info It is reported that the Kerio Personal Firewall KPF driver does not sufficiently sanitize API parameters that are received from API's that are hooked by KPF. When the KPF API hook handles certain parameter data...

Microsoft Windows Kernel Privilege Escalation Vulnerabilities (2930275)

This host is missing an important security update according to Microsoft Bulletin MS14-015 OpenVAS Vulnerability Test $Id: gbms14-015.nasl 6724 2017-07-14 09:57:17Z teissa $ Microsoft Windows Kernel Privilege Escalation Vulnerabilities 2930275 Authors: Antu Sanadi Copyright: Copyright C 2014...

Microsoft January 2014 Patch Tuesday Security Updates

Microsoft is entering softly into 2014 with a minimalist version of Patch Tuesday, which is likely to be a welcome reprieve. Windows shops can expect a busy re-tooling year ahead as Microsoft not only ends support—including security updates—for Windows XP, but also will restrict the use of MD5 in...

CORE-2013-0807 - Divide Error in Windows Kernel

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Divide Error in Windows Kernel 1. Advisory Information Title: Divide Error in Windows Kernel Advisory ID: CORE-2013-0807 Advisory URL: http://www.coresecurity.com/advisories/divide-error-in-windows-kernel Date published: 2013-12-...

Microsoft Windows Kernel - win32k.sys Integer Overflow (MS13-101)

Microsoft Windows Kernel - win32k.sys Integer Overflow MS13-101 Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Divide Error in Windows Kernel 1. Advisory Information Title: Divide Error in Windows Kernel Advisory ID: CORE-2013-0807 Advisory URL:...

Microsoft Windows Kernel - 'win32k.sys' Integer Overflow (MS13-101)

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Divide Error in Windows Kernel 1. Advisory Information Title: Divide Error in Windows Kernel Advisory ID: CORE-2013-0807 Advisory URL: http://www.coresecurity.com/advisories/divide-error-in-windows-kernel Date published: 2013-12-...

Divide Error In Windows Kernel

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Divide Error in Windows Kernel 1. Advisory Information Title: Divide Error in Windows Kernel Advisory ID: CORE-2013-0807 Advisory URL: http://www.coresecurity.com/advisories/divide-error-in-windows-kernel Date published: 2013-12-...

Divide Error In Windows Kernel Vulnerability

Windows kernel is prone to a security vulnerability when executing the GDI support function 'RFONTOBJ::bTextExtent' located in 'win32k.sys'. This vulnerability could be exploited by an attacker to crash the windows kernel by calling the user mode function 'NtGdiGetTextExtent' with specially craft...

Divide Error in Windows Kernel

1. Advisory Information Title: Divide Error in Windows Kernel Advisory ID: CORE-2013-0807 Advisory URL:http://www.coresecurity.com/core-labs/advisories/divide-error-windows-kernel Date published: 2013-12-11 Date of last update: 2013-12-11 Vendors contacted: Microsoft Release mode: Coordinated...

KB2914486: Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege

The remote host has an unspecified privilege elevation vulnerability in NDProxy.sys, a system-provided communications driver. Successful exploitation of this vulnerability could allow an attacker to run arbitrary code in kernel mode. Additionally, the attacker could view, change or even delete...

VulnCheck KEV: CVE-2013-5065

Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges...