CVE-2016-3309

CVE-2016-3309 is a Windows kernel Win32k elevation-of-privilege vulnerability. A local attacker could gain SYSTEM privileges by exploiting a pool/handle-management issue in win32k, enabling code execution in kernel mode. Connected sources document an exploit (win32kfull!bFill pool overflow) and i...

CVE-2016-3311

CVE-2016-3311 is a Windows kernel-mode driver elevation of privilege vulnerability affecting multiple Windows versions (Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, 8.1, Server 2012, Windows RT 8.1, and Windows 10 variants). The issue arises in Win32k kernel components where a crafted applicatio...

CVE-2016-3311

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka “Win32k Elevation of...

Microsoft Win32k Elevation of Privilege (MS16-098: CVE-2016-3311)

An elevation of privilege vulnerability exists in Microsoft Windows Win32k. The defect is found in win32kfull sub component which results in an out of bounds memory access. A successful exploitation of this issue could allow an attacker to elevate his privileges on the system...

Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3311 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...