3872 matches found
Microsoft Windows kernel vulnerable to a denial-of-service condition via animated cursor (.ani) frame number
Overview A vulnerability exists in the way the Microsoft Window's kernel processes animated cursor .ani files with a frame number set to zero. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Description A vulnerability exists in the way the...
Microsoft Windows kernel vulnerable to denial-of-service condition via animated cursor (.ani) rate number
Overview A vulnerability exists in the way the Microsoft Windows kernel processes animated cursor .ani files with a rate number set to zero. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Description A vulnerability exists in the way the...
Microsoft Windows Kernel - '.ANI' File Parsing Crash
111111111111111111111111111111 // milw0rm.com 2004-12-25...
MS Windows Kernel ANI File Parsing Crash Vulnerability
No description provided by source. !-- Got to give it to flashsky on this one. Download this lovely file to your desktop and get ready to cry if your not patched or browse with ie and the vuln should work. str0ke -- html style type="text/css" !-- body CURSOR: url"sploits/KERNELBLUE.ani" -- /style...
Microsoft Windows Kernel - .ANI File Parsing Crash
Microsoft Windows Kernel - .ANI File Parsing Crash 111111111111111111111111111111 // milw0rm.com 2004-12-25...
Microsoft Windows Kernel ANI File Parsing Crash and DOS Vulnerability
Security Advisory Advisory: ADLAB-04005Microsoft Windows Kernel ANI File Parsing Crash and Dos Vulnerability Class: Design Error DATE:12/20/2004 Remote: Yes Vulnerable: Windows NT Windows 2000 SP0 Windows 2000 SP1 Windows 2000 SP2 Windows 2000 SP3 Windows 2000 SP4 Windows XP SP0 Windows XP SP1...
CVE-2004-0893
The Local Procedure Call LPC interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."...
CVE-2004-0893
This CVE describes two privilege-elevation flaws in Windows components from 2004: (1) the Local Procedure Call (LPC) interface in the Windows kernel fails to validate message lengths, enabling a locally-authenticated attacker to gain full control; and (2) LSASS validates identity tokens improperl...
Microsoft Windows Kernel Unchecked LPC Buffer Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a locally exploitable privilege escalation vulnerability. This is reportedly due to an unchecked buffer that is exposed through the LPC Local Procedure Call interface in the Windows kernel. Successful exploitation would permit a local attacker to compromi...
Kerio Personal Firewall 2.1.x4.x - Local Denial of Service
Kerio Personal Firewall 2.1.x4.x - Local Denial of Service source: https://www.securityfocus.com/bid/11859/info It is reported that the Kerio Personal Firewall KPF driver does not sufficiently sanitize API parameters that are received from API's that are hooked by KPF. When the KPF API hook handl...
Kerio Personal Firewall 2.1.x/4.x - Local Denial of Service
source: https://www.securityfocus.com/bid/11859/info It is reported that the Kerio Personal Firewall KPF driver does not sufficiently sanitize API parameters that are received from API's that are hooked by KPF. When the KPF API hook handles certain parameter data it will fail. Reports indicate th...
[Full-Disclosure] EEYE: Windows VDM #UD Local Privilege Escalation
Windows VDM UD Local Privilege Escalation Release Date: October 12, 2004 Date Reported: March 18, 2004 Severity: Medium Local Privilege Escalation to Kernel Systems Affected: Windows NT 4.0 Windows 2000 Windows XP SP1 and earlier Windows Server 2003 Description: eEye Digital Security has discover...
Microsoft Windows kernel fails to properly handle invalid opcodes used in DOS emulation
Overview A vulnerability in the way the Microsoft Windows kernel handles invalid opcodes used in DOS emulation could allow a local attacker to gain elevated privileges on a vulnerable system. Description The Virtual DOS Machine VDM provides support for 16-bit legacy operations and applications. F...
Microsoft Windows Kernel Virtual DOS Machine Privilege Escalation Vulnerability
Description Microsoft Windows Kernel Virtual DOS Machine is reported prone to a local privilege-escalation vulnerability. The Microsoft Virtual DOS Machine VDM is a protected environment that emulates MS-DOS on Windows NT-based operating systems. This issue is caused by an access-validation error...
[Full-Disclosure] EEYE: Windows VDM TIB Local Privilege Escalation
Windows VDM TIB Local Privilege Escalation Release Date: April 13, 2004 Date Reported: February 9, 2004 Severity: Medium Local Privilege Escalation to Kernel Vendor: Microsoft Systems Affected: Windows NT 4.0 Windows 2000 Description: eEye Digital Security has discovered a second local privilege...
[Full-Disclosure] EEYE: Windows Expand-Down Data Segment Local Privilege Escalation
Windows Expand-Down Data Segment Local Privilege Escalation Release Date: April 13, 2004 Date Reported: November 21, 2003 Severity: Medium Local Privilege Escalation to Kernel Vendor: Microsoft Systems Affected: Windows NT 4.0 Windows 2000 Description: eEye Digital Security has discovered a...
PT-2003-2178 · Microsoft +1 · Windows +1
Name of the Vulnerable Software and Affected Versions: Pedestal Software Integrity Protection Driver IPD versions 1.3 and earlier Description: The issue allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel. This is achieved by using the...
CVE-2003-0112
Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger...
CVE-2003-0112
Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger...
Windows NT/2000/XP kernel buffer overflow
Stack based overflow during debug message processing...