1037 matches found
Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2015-04691)
Microsoft Windows is a series of operating systems designed for personal computer and server users by the American company Microsoft. An elevation of privilege vulnerability exists in the Microsoft Windows kernel mode driver due to a failure of the program to properly handle processing memory...
One class to rule them all
This vulnerability allows for arbitrary code execution in the context of many apps and services and results in elevation of privileges. There is a Proof-of-Concept exploit against the Google Nexus 5 device that achieves code execution inside the highly privileged system_server process, and then...
Microsoft Windows Kernel 'Win32k.sys' local elevation of privilege vulnerability (CNVD-2015-01097)
Microsoft Windows is a popular operating system. A security vulnerability in Microsoft Windows 'Win32k.sys' handling windows cursor objects allows local attackers to exploit the vulnerability to elevate privileges and execute arbitrary code in kernel context...
Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047)
No description provided by source. Microsoft Windows KTM Invalid Free with reused transaction GUID. CVE-2010-1889. The Kernel Transaction Manager (KTM) was introduced in Windows Vista and has been included in subsequent...
Microsoft Windows win32k!GreStretchBltInternal() Does Not Handle src == dest
No description provided by source. Microsoft Windows win32k!GreStretchBltInternal() does not handle src == dest. A bitblt (bit block transfer) is used to copy one rectangular region of screen to another, often performing a...
PT-2013-4718 · Microsoft · Windows Server 2008 +5
Name of the Vulnerable Software and Affected Versions: Microsoft Windows Vista SP2; Microsoft Windows Server 2008 SP2; Microsoft Windows Server 2008 R2 SP1; Microsoft Windows 7 SP1. Description: An elevation of privilege issue exists due to improper handling of objects in memory by the Microsoft...
APPLE-SA-2013-03-19-1 iOS 6.1.3
APPLE-SA-2013-03-19-1 iOS 6.1.3. iOS 6.1.3 is now available and addresses the following: dyld. Available for: iPhone 3GS and later, iPod touch 4th generation and later, iPad 2 and later. Impact: A local user may be able to execute unsigned code...
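Apple iPhone/iPad/iPod touch iOS before 6.1.3 Local Arbitrary Kernel Code Execution Vulnerability (CVE-2013-0981)
BUGTRAQ ID: 58589 CVECAN ID: CVE-2013-0981 Apple iOS is an operating system for handheld devices developed by Apple. In Apple iOS versions before 6.1.3 used on iPhone, iPod touch and iPad, the IOUSBDeviceFamily driver uses pipe object pointers that come from user space; a local user can exploit this vulnerability to execute arbitrary code in the kernel. 0 Apple iOS = 6.1.3 Vendor patch: Apple ----- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://support.apple.com/...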
Root Exploit in Devices with Samsung's Exynos Processors
An XDA Developers forum member operating under the handle alephzain has created an exploit that obtains root privileges and enables malicious application installation on the many Samsung devices that contain Exynos 4210 and 4412 processors. The list of devices that use the affected processors...
Code injection
The kernel in Apple iOS before 6 dereferences invalid pointers during the handling of packet-filter data structures, which allows local users to gain privileges via a crafted program that makes packet-filter ioctl calls...
Micro-point Active Defense software privilege escalation - vulnerability warning - the black bar safety net
Brief description: Micro-point Active Defense software could allow elevation of privilege, leading to execution of arbitrary kernel code. Detailed description: The mp110012.sys file of Micro-point Active Defense software fails to properly check the parameters passed in by the user, which can lead to execution of arbitrary...
PT-2011-3525 · Microsoft · Windows Server 2003 +5
Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 and SP3; Windows Server 2003 version SP2; Windows Vista version SP2; Windows Server 2008 versions SP2, R2, and R2 SP1; Windows 7 versions Gold and SP1. Description: The issue arises from improper validation of user-mode inp...
PT-2011-3542 · Microsoft · Windows Server 2003 +5
Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3; Microsoft Windows Server 2003 version SP2; Microsoft Windows Vista version SP2; Microsoft Windows Server 2008 versions SP2 through R2 SP1; Microsoft Windows 7 versions Gold through SP1. Description: A...
Data Encryption Systems - DESLock+ - Local Kernel Code Execution/Denial of Service
Advisory: Data Encryption Systems - DESLock+ - Local Kernel Code Execution/Denial of Service. Advisory ID: DSEC-2011-0002. Author: Neil Kettle, Digit Security Ltd. Affected Software: Data Encryption Systems - DESLock+. Vendor URL:...
PT-2011-2030 · Microsoft · Windows Server 2003 +5
Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 and SP3; Microsoft Windows Server 2003 version SP2; Microsoft Windows Vista versions SP1 and SP2; Microsoft Windows Server 2008 versions Gold, SP2, and R2; Microsoft Windows 7. Description: The issue arises from t...
Linux Kernel CAP_SYS_ADMIN to root Exploit
No description provided by source. Linux Kernel CAP_SYS_ADMIN to root exploit by Dan Rosenberg (@djrbliss on twitter). Usage: gcc -w caps-to-root.c -o caps-to-root; sudo setcap cap_sys_admin+ep caps-to-root; ./caps-to-root. This exploit is NOT stable: It only works on 32-bit x86 machines. It only works on...
Linux Kernel 2.6.34 (Ubuntu 10.10 x86) - CAP_SYS_ADMIN Local Privilege Escalation (1)
Linux Kernel 2.6.34 (Ubuntu 10.10 x86) - CAP_SYS_ADMIN Local Privilege Escalation (1). Linux Kernel CAP_SYS_ADMIN to root exploit by Dan Rosenberg (@djrbliss on twitter). Usage: gcc -w caps-to-root.c -o caps-to-root; sudo setcap cap_sys_admin+ep caps-to-root; ./caps-to-root. This exploit is NOT stable: It only...
FreeBSD 'pseudofs' NULL Pointer Dereference Local Privilege Escalation Vulnerability
No description provided by source. / Source: http://www.securityfocus.com/bid/43060/info 18.08.2010, babcia padlina FreeBSD 7.0 - 7.2 pseudofs null ptr dereference exploit to obtain SYSENT8SYCALLADDR, run: $ kgdb /boot/kernel/kernel kgdb print &sysent8.sycall / define SYSENT8SYCALLADDR 0xc0c4afa4...
FreeBSD - 'pseudofs' Null Pointer Dereference Privilege Escalation
/ source: https://www.securityfocus.com/bid/43060/info 18.08.2010, babcia padlina FreeBSD 7.0 - 7.2 pseudofs null ptr dereference exploit to obtain SYSENT8SYCALLADDR, run: $ kgdb /boot/kernel/kernel kgdb print &sysent8.sycall / define SYSENT8SYCALLADDR 0xc0c4afa4 / FreeBSD 7.2-RELEASE / define...
Microsoft Windows - Win32k!GreStretchBltInternal() Does Not Handle src == dest
Microsoft Windows win32k!GreStretchBltInternal() does not handle src == dest. A bitblt (bit block transfer) is used to copy one rectangular region of screen to another, often performing a raster operation (rop) of some sort, e.g...