12 matches found
Exploit for CVE-2015-1701
CVE-2015-1701 Win32k Elevation of Privilege Vulnerability. Original info https://www.fireeye.com/blog/threat-research/2015/04/probableapt28useo.html Protection Apply MS15-051 for fix. https://technet.microsoft.com/library/security/MS15-051 Authors c 2015 CVE-2015-1701 Project Credits R136a1...
MS15-051 Win32k ClientCopyImage Elevation of Privilege Vulnerability (CVE-2015-1701)
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/post/windows/reflectivedllinjection' require 'rex' class MetasploitModule 'Windows ClientCopyImage...
The EPS Awakens - Part 2
On Wednesday, Dec. 16, 2015, FireEye published The EPS Awakens, detailing an exploit targeting a previously unknown Microsoft Encapsulated Postscript EPS dict copy use-after-free vulnerability that was silently patched by Microsoft on November 10, 2015. The blog described the technical details of...
Microsoft Windows ClientCopyImage Improper Object Handling Exploit
This Metasploit module exploits improper object handling in the win32k.sys kernel mode driver. This Metasploit module has been tested on vulnerable builds of Windows 7 x64 and x86, and Windows 2008 R2 SP1 x64. This module requires Metasploit: http://metasploit.com/download Current source:...
Microsoft Windows ClientCopyImage Improper Object Handling
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/post/windows/reflectivedllinjection' require 'rex' class Metasploit3 'Windows ClientCopyImage Win32k Exploit', 'Description' = %q Thi...
KLA10580 Multiple vulnerabilities in Microsoft products
Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An unknown...
MS15-051: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (3057191)
The version of Windows running on the remote host is affected by multiple vulnerabilities : - Multiple information disclosure vulnerabilities exist due to the Win32k.sys kernel-mode driver improperly handling objects in memory. A local attacker can exploit this to reveal private address informati...
Immunity Canvas: MS15_051
Name| ms15051 ---|--- CVE| CVE-2015-1701 Exploit Pack| CANVAS Description| win32k.sys bServerSideWindowProc flag logic issue Notes| Repeatability: Infinite Notes: This module exploits a vulnerability on the win32k.sys driver. The bServerSideWindowProc flag on the window's handle structure is mean...
CVE-2015-1701
Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability."...
CVE-2015-1701
Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability."...
CVE-2015-1701
CVE-2015-1701 is a Win32k.sys kernel-mode privilege-escalation flaw affecting Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2. The issue stems from improper handling within win32k, notably around the ClientCopyImage/SetWindowLongPtr path, enabling a crafted user-mode input to execute code...
CVE-2015-1701
creationtimestamp| type| source ---|---|--- 2015-04-20 06:14:06+00:00| seen| MISP/553498df-ff70-43d0-b067-4cf3950d210b 2015-05-18 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37049 2015-06-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37367 2015-12-29...