8 matches found
SAS CTF and the many ways to persist a kernel shellcode on Windows 7
On May 18, 2024, Kaspersky's Global Research & Analysis Team GReAT, with the help of its partners, held the qualifying stage of the SAS CTF, an international competition of cybersecurity experts held as part of the Security Analyst Summit conference. More than 800 teams from all over the world to...
Microsoft Windows Kernel win32k.sys Privilege Escalation (MS11-011; CVE-2010-4398)
The Windows kernel is the core of the operating system. It provides system-level services such as device management and memory management, allocates processor time to processes, and manages error handling. An elevation of privilege vulnerability has been reported in the Windows kernel. The...
MS11-011: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802)
The remote Windows host is running a version of the Windows kernel that is affected by one or more of the following vulnerabilities : - A buffer overflow in the 'GreEnableEUDC' function can be triggered using specially crafted end-user-defined characters EUDC registry key values. CVE-2010-4398 - ...
Immunity Canvas: MS_ENABLEEUDC
Name| msenableeudc ---|--- CVE| CVE-2010-4398 Exploit Pack| CANVAS Description| Windows EnableEUDC Privilege Escalation Exploit Notes| Repeatability: Notes: Tested on Windows 7 x86/64. VENDOR: Microsoft CVE Name: CVE-2010-4398...
CVE-2010-4398
Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control...
CVE-2010-4398
CVE-2010-4398 is a stack-based buffer overflow in win32k.sys (RtlQueryRegistryValues) that enables local privilege escalation and UAC bypass across multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 SP2/R2, and Windows 7). The vulnerability is triggered by a craft...
CVE-2010-4398
Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control...
CVE-2010-4398
creationtimestamp| type| source ---|---|--- 2010-11-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/15609 2020-10-09 17:20:16+00:00| seen| MISP/d765ce80-c55a-4fd6-8a7e-242cca159458 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-10-18...