3 matches found
CVE-2022-32230 SMBv3 FileNormalizedNameInformation NULL Pointer Dereference
Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death BSOD crash of the Windows kernel. For most...
Microsoft Windows Local Spooler Bypass Vulnerability
Windows: Local Spooler CVE-2020-1337 Bypass One way of exploiting this on Windows 10 2004 is to understand that FileNormalizedNameInformation will fail if the new path after the mount point is not under the root directory of the server. For example the admin$ share points to c:\windows. If you se...
Microsoft Windows Local Spooler Bypass
Windows: Local Spooler CVE-2020-1337 Bypass One way of exploiting this on Windows 10 2004 is to understand that FileNormalizedNameInformation will fail if the new path after the mount point is not under the root directory of the server. For example the admin$ share points to c:\windows. If you se...