219 matches found
csrss.exe double-free vulnerability - arbitrary DWORD overwrite exploit
Hi, For those researchers who are interested in the Csrss Double-Free vulnerability, I have coded an arbitrary DWORD overwrite exploit. This flaw is hard to exploit at least for me due to the the "fail-and-die" situation. Corrupting the heap in a process like Csrss is dangerous. However, by...
CVE-2006-6797
The Client Server Run-Time Subsystem CSRSS in Microsoft Windows allows local users to cause a denial of service crash or read arbitrary memory from csrss.exe via crafted arguments to the NtRaiseHardError function with status 0x50000018, a different vulnerability than CVE-2006-6696...
CVE-2006-6696
CVE-2006-6696 is a CSRSS vulnerability in Windows where improper handling of a MessageBox call with MB_SERVICE_NOTIFICATION can send a crafted HardError to CSRSS, enabling remote code execution. Public details indicate the issue affects multiple Windows versions (Windows 2000, XP, Server 2003, Vi...
Microsoft Windows CSRSS HardError Messages Denial of Service Vulnerability
Description Microsoft Windows is prone to a local denial-of-service vulnerability because the operating system fails to handle certain API calls with unexpected parameters. A local unprivileged attacker may exploit this issue by executing a malicious application. Successful exploits will allow...
Microsoft Windows csrss (?) memory corruption exploited in-the-wild
Dear [email protected], On one of Russian forum security vulnerability is discussed in Microsoft Windows Windows XP is tested. A vulnerability is caused by memory corruption is string beginning with "?" is send thorugh MessageBox API with MBSERVICENOTIFICATION flag. It looks like some "debug"...
Microsoft Windows CSRSS privilege escalation
It's possible to elevate privileges with manifest file...
About 9 lines of code cause the system to crash analysis-vulnerability warning-the black bar safety net
At present, many places are reproduced with the use of 9 lines of code history windows crash of the article, but I found no information about why would make windows crash analysis. I'll take the original for everyone to see. Then put the specific details in the way. Microsoft has claimed that...
MS Windows CSRSS Local Privilege Escalation Exploit (MS05-018)
Exploit for unknown platform in category local exploits ============================================================== MS Windows CSRSS Local Privilege Escalation Exploit MS05-018 ============================================================== include include include pragma comment...
Microsoft Windows - CSRSS Privilege Escalation (MS05-018)
include include include pragma comment lib,"Advapi32.lib" typedef struct CONSOLESTATEINFO / 0x00 / DWORD cbSize; / 0x04 / COORD ScreenBufferSize; / 0x08 / COORD WindowSize; / 0x0c / POINT WindowPosition; / 0x14 / COORD FontSize; / 0x18 / DWORD FontFamily; / 0x1c / DWORD FontWeight; / 0x20 / WCHAR...
CVE-2005-0551
CVE-2005-0551 corresponds to a local privilege-elevation vulnerability in CSRSS (Client Server Runtime Subsystem) via WINSRV.DLL handling a console window FaceName string. A stack-based buffer overflow in CONSOLE_STATE_INFO (FaceName[32]) can be triggered by a crafted console window, enabling a l...
Windows 2000/XP/2003 kernel multiple vulnerabilities
Buffer overflow during font files parsing, buffer overflow in CSRSS Win32 execution subsystem, privilege escalation...
Microsoft Client Server Runtime System Vulnerability
Overview The Microsoft Client Server Runtime System CSRSS incorrectly validates certain messages potentially resulting in privilege elevation. Description CSRSS is the user-mode part of the Win32 subsystem. Win32.sys is the kernel-mode portion of the Win32 subsystem. The Win32 subsystem must be...
Microsoft Windows Kernel CSRSS Local Privilege Escalation Vulnerability
Description A local privilege-escalation vulnerability affects Microsoft Windows because the kernel fails to properly handle user-supplied messages. A local attacker may leverage this issue to completely compromise the computer. Technologies Affected Microsoft Windows 2000 Advanced Server Microso...
CVE-2001-1288
Windows 2000 and Windows NT allows local users to cause a denial of service reboot by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe...
Локальный DoS в Windows NT/2000
Вывод в консоле большого числа неотображаемых символов приводит к кразу подсистемы Win32 CSRSS...
Microsoft Windows NT 34.0 - CSRSS Memory Access Violation
Microsoft Windows NT 34.0 - CSRSS Memory Access Violation // source: https://www.securityfocus.com/bid/3478/info CSRSS.EXE is the Windows NT Client Server Run-time Subsystem. It is responsible for console windows and the creation and deletion of threads. The Windows NT kernel is dependant on this...
Microsoft Windows NT 3/4.0 - CSRSS Memory Access Violation
// source: https://www.securityfocus.com/bid/3478/info CSRSS.EXE is the Windows NT Client Server Run-time Subsystem. It is responsible for console windows and the creation and deletion of threads. The Windows NT kernel is dependant on this service and will halt if the service stops for any reason...
CVE-1999-0723
The Windows NT Client Server Runtime Subsystem CSRSS can be subjected to a denial of service when all worker threads are waiting for user input...
CVE-1999-0723
The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial-of-service when all worker threads are waiting for user input. Connected records confirm CSRSS as the vulnerable component and describe the impact as availability-related DoS, CVSS v2 base score 7.1. No concrete d...