4 matches found
CVE-2009-2513
CVE-2009-2513 is the Win32k Insufficient Data Validation Vulnerability affecting the Windows kernel-mode GDI path (win32k.sys). The issue stems from improper validation of user-mode input in the GDI subsystem, allowing local users to execute arbitrary code in kernel mode and escalate privileges. ...
Microsoft Windows Win32k内核态驱动本地权限提升(MS09-065)
BUGTRAQ ID: 36939,36941 CVE ID: CVE-2009-1127,CVE-2009-2513 Microsoft Windows是微软发布的非常流行的操作系统。 Windows系统中的Win32k内核态驱动(Win32k.sys)没有正确地验证传送给Windows内核系统调用的参数,以及用户态通过GDI内核组件所传送的输入。拥有有效的登录凭据且能够本地登录的攻击者可以利用这些漏洞执行任意内核态代码。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP2...
Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (969947)
This host is missing a critical security update according to Microsoft Bulletin MS09-065. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)
The remote host contains a version of the Windows kernel that is affected by multiple vulnerabilities : - A NULL pointer dereferencing vulnerability allowing a local user to elevate his privileges CVE-2009-1127 - Insufficient validation of certain input passed to GDI from user mode allows a local...