65 matches found
Microsoft Windows 10 AHCACHE.SYS Remote Denial Of Service
Summary A denial of service vulnerability exists in the AHCACHE.SYS driver. A specially crafted Portable Executable file can cause a bugcheck in the Windows kernel resulting in remote denial of service. Tested Versions Windows 10, AHCACHE.SYS version 10.0.10586.0 Tested on Windows 10 X86 Product...
Symantec / Norton AntiVirus - ASPack Remote Heap/Pool Memory Corruption
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=820 When parsing executables packed by an early version of aspack, a buffer overflow can occur in the core Symantec Antivirus Engine used in most Symantec and Norton branded...
Symantec/Norton AntiVirus - ASPack Remote Heap/Pool Memory Corruption
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=820 When parsing executables packed by an early version of aspack, a buffer overflow can occur in the core Symantec Antivirus Engine used in most Symantec and Norton branded Antivirus products. The problem occurs when section data ...
Symantec/Norton AntiVirus - ASPack Remote Heap/Pool Memory Corruption
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=820 When parsing executables packed by an early version of aspack, a buffer overflow can occur in the core Symantec Antivirus Engine used in most Symantec and Nort...
VBox Satellite Express Arbitrary Write Privilege Escalation
KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation Title: VBox Satellite Express Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-005 Publication Date: 2015.09.16 Publication URL:...
Microsoft Windows Win32k.sys - Denial of Service Vulnerability
Exploit for windows platform in category dos / poc Exploit Title: Microsoft Windows Win32k.sys Denial of Service Date: 20-11-2014 Exploit Author: Kedamsky Vendor Homepage: http://microsoft.com Software Link: http://www.microsoft.com/en-us/download/windows.aspx Version: XP SP3, Vis...
Microsoft Windows - win32k.sys Denial of Service
Exploit Title: Microsoft Windows Win32k.sys Denial of Service Date: 20-11-2014 Exploit Author: Kedamsky Vendor Homepage: http://microsoft.com Software Link: http://www.microsoft.com/en-us/download/windows.aspx Version: XP SP3, Vist...
Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation Exploit
Exploit for windows platform in category local exploits Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation Publication Date: 2014.07.18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt 1. Vulnerability Details Affected Vendor: Microsoft Affect...
FortKnox Personal Firewall 9.0.305.0 & 10.0.305.0 - Kernel Driver (fortknoxfw.sys) Memory Corruption Vulnerability
No description provided by source. Exploit Title: 0day FortKnox Personal Firewall kernel driver fortknoxfw.sys memory corruption vulnerability Date: 25/10/2013 Author: Arash Allebrahim Vendor Homepage: http://www.fortknox-firewall.com/ Vulnerable software :...
Microsoft Windows win32k!GreStretchBltInternal() Does Not Handle src == dest
No description provided by source. Microsoft Windows win32k!GreStretchBltInternal does not handle src == dest. A bitblt (bit block transfer) is used to copy one rectangular region of screen to another, often performing a...
Windows Win32k Pointer Dereferencement PoC (MS10-098)
No description provided by source. MS10-098 CVE-2010-3944 Microsoft Windows Win32k pointer dereferencement. Affected Software: Microsoft Windows 7 / 2008. Consequences: An unprivileged user may be able to cau...
win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase
No description provided by source. I'm quite proud of this list cycle trick, here's how to turn it into an arbitrary write. First, we create a watchdog thread that will patch the list atomically when we're ready. This is needed because we can't exploit the bug while HeavyAllocPool is failing,...
Denial of service
The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on Windows allows local users to cause a denial of service (bugcheck and BSOD) via an IOCTL call for an invalid IOCTL...
CVE-2013-3705
CVE-2013-3705 affects Novell Client 2 SP3 on Windows, specifically the VBA32 AntiRootKit component. The issue is a local DoS via an invalid IOCTL call to the IOCTL handling, potentially causing a bugcheck/BSOD. The vulnerability is described as affecting SP3 prior to IR5; Nessus/Vulnerability fee...
The Windows kernel - EPATHOBJ 0day exploit - vulnerability warning - the black bar safety net
This vulnerability is through the PATHALLOC for memory pressure of the test broke, the first use of PATHREC pointing to the same user space PATHREC EPATHOBJ::bFlatten it will "spin" for an unlimited linked list traversal. Such as: PathRecord->next = PathRecord; Although it will spin, but it will be by...
Microsoft Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase
I'm quite proud of this list cycle trick, here's how to turn it into an arbitrary write. First, we create a watchdog thread that will patch the list atomically when we're ready. This is needed because we can't...
Windows Win32k Pointer Dereferencement PoC (MS10-098)
Exploit for windows platform in category dos / poc. MS10-098 CVE-2010-3944 Microsoft Windows Win32k pointer dereferencement. Affected Software: Microsoft Windows 7 / 2008. Consequences: An unprivileged user ma...
Windows Win32k Pointer Dereference
MS10-098 CVE-2010-3944 Microsoft Windows Win32k pointer dereferencement. Affected Software: Microsoft Windows 7 / 2008. Consequences: An unprivileged user may be able to cause a bugcheck, or possibly execute...
Microsoft Windows - Win32k Pointer Dereferencement (PoC) (MS10-098)
MS10-098 CVE-2010-3944 Microsoft Windows Win32k pointer dereferencement. Affected Software: Microsoft Windows 7 / 2008. Consequences: An...
Microsoft Windows - Win32k!GreStretchBltInternal() Does Not Handle src == dest
Microsoft Windows win32k!GreStretchBltInternal does not handle src == dest. A bitblt (bit block transfer) is used to copy one rectangular region of screen to another, often performing a raster operation (rop) of some sort e.g...