22 matches found
Microsoft Windows Canonical Display 安全漏洞
Microsoft Windows Canonical Display is a support program from Microsoft Corporation USA that provides rendering for GDI graphics. A security vulnerability exists in the Microsoft Windows Canonical Display Driver. The following products and editions are affected: Windows 10 Version 20H2 for...
Microsoft Windows Canonical Display Driver DrvStretchBltInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cdd.dll driver...
Microsoft Windows Canonical Display Driver DrvFillPath NULL Pointer Dereference Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cdd.dll driver...
Microsoft Windows Canonical Display Driver DrvStrokePath Untrusted Pointer Dereference Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cdd.dll driver...
Microsoft Windows Canonical Display Driver DrvBitBltInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cdd.dll driver...
Microsoft Windows Canonical Display Driver DrvStretchBltROPInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cdd.dll driver...
Microsoft Windows Canonical Display Driver DrvPlgBltInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cdd.dll driver...
PT-2021-6954 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to insufficient access restrictions in the Win32k component of Microsoft Windows, allowing an attacker to potentially elevate their privileges. This could...
Microsoft Windows/Windows Server Information Disclosure Vulnerability (CNVD-2021-63303)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation USA, Microsoft Windows is an operating system for personal devices, and Microsoft Windows Server is a server operating system. An information disclosure vulnerability exists in the Microsoft Windows/Windows...
CVE-2020-17029
Windows Canonical Display Driver Information Disclosure Vulnerability...
CVE-2020-17029
Windows Canonical Display Driver Information Disclosure Vulnerability...
Windows Canonical Display Driver Information Disclosure Vulnerability
...
KLA12003 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions. Below is a...
KB4586787: Windows 10 November 2020 Security Update
The Microsoft 4586787 Product is missing security updates. - Remote Desktop Protocol Server Information Disclosure Vulnerability CVE-2020-16997 - DirectX Elevation of Privilege Vulnerability CVE-2020-16998 - Windows WalletService Information Disclosure Vulnerability CVE-2020-16999 - Remote Deskto...
KB4586785: Windows 10 Version 1803 November 2020 Security Update
The Microsoft 4586785 Product is missing security updates. - Remote Desktop Protocol Server Information Disclosure Vulnerability CVE-2020-16997 - DirectX Elevation of Privilege Vulnerability CVE-2020-16998 - Windows WalletService Information Disclosure Vulnerability CVE-2020-16999 - Remote Deskto...
MS Patch Tuesday: Googler Zero-Day Fixed in 33 Days
Last month, when Google researcher Tavis Ormandy released details on a critical Help and Support Center vulnerability that exposed Windows XP and Windows Server 2003 users to malicious hacker attacks, Microsoft was publicly unhappy with the decision. Ormandy claims he spent five days negotiating...
MS10-043: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)
A flaw exists in the way the Microsoft Canonical Display Driver cdd.dll parses information copied from user mode to kernel mode. If the Windows Aero theme is enabled, an attacker who tricks a user on the affected host into viewing a specially crafted image using an application that uses the APIs...
Microsoft Windows Canonical Display Driver Denial Of Service (CVE-2009-3678)
The Canonical Display Driver cdd.dll is used by desktop composition to blend GDI and DirectX drawing. CDD emulates the interface of a Windows XP display driver for interactions with the Win32k GDI graphics engine. A remote code execution vulnerability has been reported in Microsoft Windows...
CVE-2009-3678
Integer overflow in cdd.dll in the Canonical Display Driver CDD in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service reboot or possibly execute arbitrary code via a crafted...
CVE-2009-3678
CVE-2009-3678 describes an unauthenticated remote code-execution vulnerability in the Canonical Display Driver (cdd.dll) for 64-bit Windows 7/Windows Server 2008 R2 when the Windows Aero theme is enabled. The root cause is improper parsing of data copied from user-mode to kernel-mode in the Canon...