Microsoft Windows Diagnostics Hub - DLL Load Privilege Escalation (MS16-125)

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=887 Windows: Diagnostics Hub DLL Load EoP Platform: Windows 10 10586, not tested 8.1 Update 2 or Windows 7 Class: Elevation of Privilege Summary: The fix for CVE-2016-3231 is insufficient to prevent a normal user specifying an...

Microsoft Windows Diagnostics Hub - DLL Load Privilege Escalation (MS16-125)

Microsoft Windows Diagnostics Hub - DLL Load Privilege Escalation MS16-125 / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=887 Windows: Diagnostics Hub DLL Load EoP Platform: Windows 10 10586, not tested 8.1 Update 2 or Windows 7 Class: Elevation of Privilege Summary: The fix...

CVE-2016-3231

The CVE-2016-3231 issue affects the Windows Diagnostics Hub Standard Collector Service, where improper handling of the agent DLL path enables local privilege escalation via arbitrary DLL loading. The root cause is unsafe library loading due to not properly sanitizing the input path, allowing an a...

Microsoft Windows Diagnostics Hub Elevation of Privilege (MS16-078: CVE-2016-3231)

A directory traversal vulnerability exists in Microsoft windows within the Diagnostics Hub component that could allow a privielege escalation. The root cause is that the Diagnostic Hup standard collector service fails to validate a safe path to the agent dll which may be abused to force the...