17 matches found
Exploit for Improper Resource Shutdown or Release in Microsoft
CVE-2018-8120 CVE-2018-8120 Windows LPE exploit 测试支持: Win7 x32, Win7 x64, Win2008 x32, Win2008 R2 x32, Win2008 R2 Datacenter x64, Win2008 Enterprise x64 WinXP x32, Win2003 x32,Win2003 x64 原exp不支持xp,2003,当前代码在原基础上增加了对这两个系统的支持。 Usage shell CVE-2018-8120 exploit by...
ScarCruft APT Adds Bluetooth Harvester to its Malware Bag of Tricks
The ScarCruft Korean-speaking APT is changing up its espionage tactics to include an unusual piece of malware devoted to harvesting Bluetooth information – while also showing some overlap with the DarkHotel APT. An analysis of ScarCruft’s binary infection procedure by Kaspersky Lab shows that in ...
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows SetImeInfoEx Win32k NULL Pointer Dereference', 'Description' = %q This module exploits elevation of privilege vulnerability that exists i...
CVE-2018-4990 Adobe Reader code execution exploit analysis-exploit warning-the black bar safety net
2018 5 on 15 September, ESET released the article“A tale of two zero-days”, the article disclosed this year 3 month ESET in malware scan engine VirusTotal on the capture of the one used to attack the test PDF document. The PDF document contains a sample of two pieces of 0-day Vulnerability,...
Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability(CVE-2018-8120)
作者:bigric3 作者博客: 5月15日ESET发文其在3月份捕获了一个 pdf远程代码执行(cve-2018-4990)+windows本地权限提升(cve-2018-8120)的样本。ESET发文后,我从vt上下载了这样一份样本()。初步逆向,大致明确如外界所传,该漏洞处于开发测试阶段,不慎被上传到了公网样本检测的网上,由ESET捕获并提交微软和adobe修补。测试特征字符串如下 定位样本中关键的代码并调试分析...
Immunity Canvas: SETIMEINFOEX_LPE
Name| setimeinfoexlpe ---|--- CVE| CVE-2018-8120 Exploit Pack| CANVAS Description| SetImeInfoEx LPE Notes| CVE Name: CVE-2018-8120 Notes: Tested: Windows 7 x64 Windows 7 x86 Windows Vista x86 Windows 2008 R2 x64 VENDOR: Microsoft CVE Url: https://nvd.nist.gov/vuln/detail/CVE-2018-8120 CVSS: 7.0...
Privilege escalation
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1,...
CVE-2018-8120
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124,...
CVE-2018-8120
CVE-2018-8120 is a Windows Win32k privilege-escalation vulnerability where the Win32k.sys component fails to properly handle objects in memory, enabling local kernel-mode code execution. Affected products include Windows 7, Windows Server 2008/2008 R2, and related Win32k components. The root caus...
Microsoft Patches Two Zero-Day Flaws Under Active Attack
It's time to gear up for the latest May 2018 Patch Tuesday. Microsoft has today released security patches for a total of 67 vulnerabilities, including two zero-days that have actively been exploited in the wild by cybercriminals, and two publicly disclosed bugs. In brief, Microsoft is addressing ...
CVE-2018-8120
creationtimestamp| type| source ---|---|--- 2018-05-09 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=289 2018-05-15 15:31:03+00:00| seen| MISP/5afafce0-0598-4ca0-b52a-41f4950d210f 2018-05-16 19:48:00+00:00| published-proof-of-concept| https://t.me/canyoupwnme/3768...
Microsoft Windows Multiple Vulnerabilities (KB4103718)
This host is missing a critical security update according to Microsoft KB4103718 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-8120
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka “Win32k Elevation of Privilege Vulnerability.” This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124,...
May Patch Tuesday Fixes Two Bugs Under Active Attack
Microsoft’s May Patch Tuesday fixes include two critical remote code-execution vulnerabilities, both of which are under active attack. The most serious of the two is tied to a Windows 10 VBScript engine and can be triggered when a victim visits a malicious website. “A user need only visit a...
Description of the security update for the vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: May 08, 2018
Description of the security update for the vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: May 08, 2018 Summary An elevation of privilege vulnerability and an information disclosure vulnerability exist in Windows when the Win32k component...
VulnCheck KEV: CVE-2018-8120
A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory...
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8120 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1...