Lucene search
K

24 matches found

ATTACKERKB
ATTACKERKB
added 2013/05/24 12:0 a.m.49 views

CVE-2013-3660

The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next...

7.8CVSS7.6AI score0.39578EPSS
In wildExploits6References19
myhack58
myhack58
added 2013/05/23 12:0 a.m.45 views

The Windows kernel-EPATHOBJ 0day exploit-vulnerability warning-the black bar safety net

This vulnerability is through the PATHALLOCfor memory pressure of the test broke, the first use of PATHRECpointing to the same user space PATHREC EPATHOBJ::bFlatten it will”spin”for an unlimited linked list traversal. Such as:PathRecord-next = PathRecord; Although it will spin,but it will be by...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2013/05/21 12:0 a.m.31 views

Microsoft Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase

Microsoft Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase I'm quite proud of this list cycle trick, here's how to turn it into an arbitrary write. First, we create a watchdog thread that will patch the list atomically when we're ready. This is needed because we can't...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/05/21 12:0 a.m.56 views

Microsoft Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase

I'm quite proud of this list cycle trick, here's how to turn it into an arbitrary write. First, we create a watchdog thread that will patch the list atomically when we're ready. This is needed because we can't exploit the bug while HeavyAllocPool is failing, because of the early exit in...

7AI score
Exploits0
Rows per page
Query Builder