Lucene search
K

7 matches found

Packet Storm
Packet Storm
added 2023/09/27 12:0 a.m.464 views

Microsoft Error Reporting Local Privilege Elevation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Error Reporting Local Privilege Elevation Vulnerability', 'Description' = %q This module takes advantage of a bug in the way Windows...

7.8CVSS7.1AI score0.43058EPSS
Exploits5
0day.today
0day.today
added 2023/09/27 12:0 a.m.429 views

Microsoft Error Reporting Local Privilege Elevation Exploit

This Metasploit module takes advantage of a bug in the way Windows error reporting opens the report parser. If you open a report, Windows uses a relative path to locate the rendering program. By creating a specific alternate directory structure, we can coerce Windows into opening an arbitrary...

7.8CVSS6.7AI score0.43058EPSS
Exploits5
GithubExploit
GithubExploit
added 2023/08/24 10:24 p.m.769 views

Exploit for Link Following in Microsoft

CVE-2023-36874 Windows Error Reporting LPE BOF Introductio...

7.8CVSS8.9AI score0.43058EPSS
Exploits5
NVD
NVD
added 2023/07/11 6:15 p.m.21 views

CVE-2023-36874

Windows Error Reporting Service Elevation of Privilege Vulnerability...

7.8CVSS8.7AI score0.43058EPSS
Exploits5References3
Vulnrichment
Vulnrichment
added 2023/07/11 5:3 p.m.27 views

CVE-2023-36874 Windows Error Reporting Service Elevation of Privilege Vulnerability

...

7.8CVSS6.8AI score0.43058EPSS
Exploits5References1
CVE
CVE
added 2023/07/11 5:3 p.m.662 views

CVE-2023-36874

CVE-2023-36874 is a Windows Error Reporting Service privilege-escalation vulnerability. The root cause described in the sources is a filesystem/relative-path handling flaw: WER may invoke wermgr.exe using a relative path and does not validate symbolic links, allowing a non-system executable to be...

7.8CVSS8.7AI score0.43058EPSS
In wildExploits5References3Affected Software12
ATTACKERKB
ATTACKERKB
added 2023/07/11 12:0 a.m.145 views

CVE-2023-36874

Windows Error Reporting Service Elevation of Privilege Vulnerability Recent assessments: bwatters-r7 at January 17, 2024 4:54pm UTC reported: CVE-2023-36874 is a filesystem redirection vulnerability that relies on a trusted process using relative filepath data and poor file validation to allow a...

7.8CVSS8.6AI score0.43058EPSS
In wildExploits5References4
Rows per page
Query Builder