3872 matches found
DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel Ring0 Code Execution
DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel Ring0 Code Execution / deslock-dlpcrypt.c Copyright c 2009 by DESlock+ 4.0.2 local kernel SYSTEM exploit by mu-b - Thu 18 Jun 2009 - Tested on: dlpcrypt.sys 0.1.1.27 .text:0001BB2E: 'what do ya want for nothing?' - hmmm, something that doesn't pass kerne...
Input validation
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate user-mode pointers in unspecified error conditions, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Pointe...
MS09-006: Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)
The remote host contains a version of the Windows kernel that is affected by vulnerabilities : - A remote code execution vulnerability exists due to improper validation of input passed from user mode through the kernel component of GDI. Successful exploitation requires that a user on the affected...
Microsoft Security Bulletin MS09-006 – Critical Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)
Microsoft Security Bulletin MS09-006 – Critical Vulnerabilities in Windows Kernel Could Allow Remote Code Execution 958690 Published: March 10, 2009 Version: 1.0 General Information Executive Summary This security update resolves several privately reported vulnerabilities in the Windows kernel. T...
PT-2009-2783 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue arises from the improper handling of invalid pointers by the Windows kernel, allowing local users to gain privileges. This could enable an attacker to run arbitrary...
PT-2009-2782 · Microsoft · Windows Xp +6
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 SP4, XP SP2, XP SP3, Server 2003 SP1, Server 2003 SP2, Vista Gold, Vista SP1, Server 2008 Description: The Windows kernel does not properly validate handles, allowing local users to gain privileges via a crafte...
PT-2009-2781 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue arises from the improper validation of input received from user mode by the graphics device interface GDI implementation in the kernel. This allows remote attackers ...
Microsoft Windows Kernel Input Validation Remote Code Execution (MS09-006; CVE-2009-0081)
The Windows kernel is the core of the operating system. It provides system level services, allocates processor time to processes, and manages error handling. A remote code execution vulnerability has been discovered in the Windows kernel.The vulnerability is due to an error in the Windows kernel...
MS08-061: Microsoft Windows Kernel Multiple Privilege Elevation (954211)
The remote host contains a version of the Windows kernel that is vulnerable to a security flaw that could allow a local user to elevate his privileges or to crash it therefore causing a denial of service. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid34406;...
PT-2008-3746 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue is related to a double free condition in the Windows kernel, allowing local users to gain privileges via a crafted application. This could enable an attacker to run...
[W02-1008] GearSoftware Powered Products Local Privilege Escalation (Microsoft Windows Kernel IopfCompleteRequest Integer Overflow)
HTML FORMATED Advisory http://www.wintercore.com/advisories/advisoryW021008.html TEXT VERSION GearSoftware Powered Products Local Privilege Escalation + GEARASpiWDM.sys Insecure Method + Microsoft Windows Kernel IopfCompleteRequest Integer Overflow :: Summary 1. Background 2. Non-technical...
Windows kernel vulnerability ms08025 analysis-vulnerability warning-the black bar safety net
Source:security focus Author: Polymorphours Email: [email protected] Homepage:http://www.whitecell.org Date: 2008-04-10 After internal discussion, it was decided to publish the analysis results. 4 on No. 8, microsoft again released a kernel patchKB941693, Microsoft the vulnerability is...
MS08-025: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)
The remote host contains a version of the Windows kernel that is vulnerable to a security flaw that could allow a local user to elevate his privileges or to crash it therefore causing a denial of service. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid31798;...
PT-2008-2682 · Microsoft · Windows Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 SP4 through Vista SP1 Microsoft Windows Server versions 2003 SP1 through 2008 Description: The issue is related to improper input validation in the Windows kernel, allowing local users to execute arbitrary code...
Microsoft Windows ICMP Fragmented Packet Denial of Service (MS08-001; CVE-2007-0066)
The Internet Control Message Protocol ICMP is one of the core protocols of the Internet protocol suite. The vulnerability is due to an error in the way that Windows Kernel processes fragmented router advertisement ICMP queries. Successful exploitation could allow a denial of service on the affect...
Microsoft Security Bulletin MS07-066 – Important Vulnerability in Windows Kernel Could Allow Elevation of Privilege (943078)
Microsoft Security Bulletin MS07-066 – Important Vulnerability in Windows Kernel Could Allow Elevation of Privilege 943078 Published: December 11, 2007 Version: 1.0 General Information Executive Summary This important security update resolves a privately reported vulnerability in the Windows...
CVE-2007-1973
Race condition in the Virtual DOS Machine VDM in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206...
CVE-2007-1973
CVE-2007-1973 describes a race condition in the Windows NTVDM (VDM) path where incorrect permissions on a mapped memory segment (PAGE_READWRITE to a PhysicalMemory view) allow a local user to modify memory and gain privileges via the \Device\PhysicalMemory handle. The related details indicate aff...
Race condition
The Virtual DOS Machine VDM in the Windows Kernel in Microsoft Windows NT 4.0; 2000 SP4; XP SP2; Server 2003, 2003 SP1, and 2003 SP2; and Windows Vista before June 2006; uses insecure permissions PAGEREADWRITE for a physical memory view, which allows local users to gain privileges by modifying th...
CVE-2007-1206
The Virtual DOS Machine VDM in the Windows Kernel in Microsoft Windows NT 4.0; 2000 SP4; XP SP2; Server 2003, 2003 SP1, and 2003 SP2; and Windows Vista before June 2006; uses insecure permissions PAGEREADWRITE for a physical memory view, which allows local users to gain privileges by modifying th...