219 matches found
Privilege escalation
An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem CSRSS fails to properly handle objects in memory, aka 'Windows CSRSS Elevation of Privilege Vulnerability'...
CVE-2019-0735
An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem CSRSS fails to properly handle objects in memory, aka 'Windows CSRSS Elevation of Privilege Vulnerability'...
CVE-2019-0735
An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem CSRSS fails to properly handle objects in memory, aka 'Windows CSRSS Elevation of Privilege Vulnerability'...
CVE-2019-0735
CVE-2019-0735 is a Windows CSRSS elevation-of-privilege vulnerability caused by improper handling of in-memory objects. The entry documents a local attacker gain of high impact (confidentiality/ integrity/ availability) by exploiting this flaw. The CIRCL sighting notes an exploitation link (Explo...
KLA11875 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, bypass security restrictions, spoof user interface. Below is a complete list of...
April 12, 2016 — KB3147461 (OS Build 10240.16769)
April 12, 2016 — KB3147461 OS Build 10240.16769 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability for Windows Explorer, Bluetooth, application deployment service, Microsoft...
MS13-033: Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) could allow elevation of privilege: April 9, 2013
MS13-033: Vulnerability in Windows Client/Server Run-time Subsystem CSRSS could allow elevation of privilege: April 9, 2013 INTRODUCTION Microsoft has released security bulletin MS13-033. To view the complete security bulletin, visit one of the following Microsoft websites: Home users:...
MS11-056: Vulnerabilities in Windows CSRSS could allow elevation of privilege: July 12, 2011
MS11-056: Vulnerabilities in Windows CSRSS could allow elevation of privilege: July 12, 2011 Introduction Microsoft has released security bulletin MS11-056. To view the complete security bulletin, visit one of the following Microsoft websites: Home users:...
Microsoft Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048)
Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=692 Windows: CSRSS BaseSrvCheckVDM Session 0 Process Creation EoP Platform: Windows 8.1, not tested on Windows 10 or 7 Class: Elevation of Privilege Summary: The CSRSS BaseSrv RP...
Microsoft Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048)
Microsoft Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation MS16-048 / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=692 Windows: CSRSS BaseSrvCheckVDM Session 0 Process Creation EoP Platform: Windows 8.1, not tested on Windows 10 or 7 Class:...
Microsoft Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048)
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=692 Windows: CSRSS BaseSrvCheckVDM Session 0 Process Creation EoP Platform: Windows 8.1, not tested on Windows 10 or 7 Class: Elevation of Privilege Summary: The CSRSS BaseSrv RPC call BaseSrvCheckVDM allows you to create a new...
Microsoft Windows CSRSS Feature Bypass Vulnerability (3148528)
This host is missing an important security update according to Microsoft Bulletin MS16-048 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2016-0151
The Client-Server Run-time Subsystem CSRSS in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mismanages process tokens, which allows local users to gain privileges via a crafted application, aka "Windows CSRSS Security Feature Bypass...
Security feature bypass
The Client-Server Run-time Subsystem CSRSS in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mismanages process tokens, which allows local users to gain privileges via a crafted application, aka "Windows CSRSS Security Feature Bypass...
CVE-2016-0151
The Client-Server Run-time Subsystem CSRSS in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mismanages process tokens, which allows local users to gain privileges via a crafted application, aka "Windows CSRSS Security Feature Bypass...
CVE-2016-0151
The Client-Server Run-time Subsystem CSRSS in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mismanages process tokens, which allows local users to gain privileges via a crafted application, aka "Windows CSRSS Security Feature Bypass...
CVE-2016-0151
CVE-2016-0151 affects the Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows 8.1, Windows Server 2012 (Gold/R2), Windows RT 8.1, and Windows 10 (Gold/1511). The root cause is mismanagement of process tokens in CSRSS/in memory, enabling local privilege escalation via a crafted applicati...
Cumulative Update for Windows 10: April 12, 2016
Cumulative Update for Windows 10: April 12, 2016 Summary This security update includes improvements and fixes in the functionality of Windows 10 and resolves the following vulnerabilities in Windows: 3148531 MS16-037: Cumulative Security Update for Internet Explorer 3148532 MS16-038: Cumulative...
MS16-048: Description of the security update for CSRSS: April 12, 2016
MS16-048: Description of the security update for CSRSS: April 12, 2016 Summary This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker logs on to a target system and runs a specially crafted application. To learn mor...
Windows CSRSS Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists in Microsoft Windows when the Client-Server Run-time Subsystem CSRSS fails to properly manage process tokens in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator. An attacker could then...