Microsoft Windows DirectComposition Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

PT-2021-5995 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a buffer overflow in the DirectComposition component of the Win32k Win32k.sys in Windows operating systems. This allows an attacker to obtain sensitive information...

CVE-2021-33739

Microsoft DWM Core Library Elevation of Privilege Vulnerability Recent assessments: gwillcox-r7 at June 17, 2021 5:19pm UTC reported: Public PoC code has been supposively making the rounds courtesy of https://github.com/mavillon1/CVE-2021-33739-POC. There is also a detailed writeup on this issue ...

Binary Vulnerability in Microsoft DirectComposition

DirectComposition is a graphical interface rendering framework introduced by Microsoft in the kernel since Windows 8, mainly used for rendering windows, interfaces and animations of UWP applications. A binary vulnerability exists in Microsoft DirectComposition, which can be exploited by attackers...

Microsoft Windows CInteractionTrackerMarshaler Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within DirectComposition...

Microsoft Windows DirectComposition Uninitialized Pointer Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation...

(Pwn2Own) Microsoft Windows DirectComposition RemoveBindingManagerReferenceFromTrackerIfNecessary Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of th...

(Pwn2Own) Microsoft Windows DirectComposition SetBufferProperty Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of th...

(Pwn2Own) Microsoft Windows DirectComposition SetReferenceArrayProperty Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of th...

The vulnerability of the DirectComposition component in Windows operating system kernels allows a perpetrator to execute arbitrary code and gain control over the vulnerable system.

The vulnerability of the DirectComposition component in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code and gain control over the vulnerable system...

Microsoft Windows DirectComposition PropertySet Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

PT-2019-2614 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an elevation of privilege vulnerability that exists when the Windows kernel fails to properly handle objects in memory. This can allow an attacker to execute arbitra...

(Pwn2Own) Microsoft Windows DirectComposition PropertySet Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...