122 matches found
CVE-2019-6492
CVE-2019-6492 affects IObit Smart Defrag 6, specifically SmartDefragDriver.sys (version 2.0). The issue: a kernel-pool allocation made with user-defined bytes/size via IOCTL 0x9C401CC4 is never freed, allowing a kernel-pointer leak if the pool grows large. This description is supported by Red Hat...
CVE-2018-20331
Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002004 by the...
Buffer overflow
Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002004 by the...
CVE-2018-20331
Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002004 by the...
CVE-2018-20331
Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002004 by the...
Microsoft Windows - nt!NtQueryInformationTransactionManager (TransactionManagerRecoveryInformation)
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryInformationTransactionManager system call invoked with the TransactionManagerRecoveryInformation 4 information class may disclose uninitialized kernel pool memory to user-mode clients. The vulnerability...
Microsoft Windows - 'nt!NtQueryInformationTransactionManager (TransactionManagerRecoveryInformation)' Kernel Pool Memory Disclosure
/ We have discovered that the nt!NtQueryInformationTransactionManager system call invoked with the TransactionManagerRecoveryInformation 4 information class may disclose uninitialized kernel pool memory to user-mode clients. The vulnerability affects Windows 7 to 10, 32/64-bit. The output structu...
Microsoft Windows - nt!NtQueryInformationTransactionManager (TransactionManagerRecoveryInformation) Kernel Pool Memory Disclosure
Microsoft Windows - nt!NtQueryInformationTransactionManager TransactionManagerRecoveryInformation Kernel Pool Memory Disclosure / We have discovered that the nt!NtQueryInformationTransactionManager system call invoked with the TransactionManagerRecoveryInformation 4 information class may disclose...
Microsoft Windows - nt!NtQuerySystemInformation (information class 138, QueryMemoryTopologyInformati
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQuerySystemInformation system call invoked with the 138 information class discloses portions of uninitialized kernel pool memory to user-mode clients. The specific information class is handled by an internal...
Microsoft Windows - nt!NtQuerySystemInformation (information class 138_ QueryMemoryTopologyInformation) Kernel Pool Memory Disclosure
Microsoft Windows - nt!NtQuerySystemInformation information class 138 QueryMemoryTopologyInformation Kernel Pool Memory Disclosure / We have discovered that the nt!NtQuerySystemInformation system call invoked with the 138 information class discloses portions of uninitialized kernel pool memory to...
Memory corruption
Kernel pool memory corruption in one of drivers in Kaspersky Embedded Systems Security version 1.2.0.300 leads to local privilege escalation...
CVE-2017-12823
Kernel pool memory corruption in one of drivers in Kaspersky Embedded Systems Security version 1.2.0.300 leads to local privilege escalation...
HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow
Exploit-CVE-2017-6008 The CVE-2017-6008 is a vulnerability in the HitmanPro scan that allows privilege escalation by exploiting a kernel pool buffer overflow. The exploits here use the Quota Process Pointer Overwrite attack as described in the Tarjei Mandt's paper Also, the exploits use my Pool...
HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow
HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow Exploit-CVE-2017-6008 The CVE-2017-6008 is a vulnerability in the HitmanPro scan that allows privilege escalation by exploiting a kernel pool buffer overflow. The exploits here use the Quota Process Pointer Overwrite attack as described in the...
HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow Exploit
Exploit for windows platform in category local exploits Exploit-CVE-2017-6008 The CVE-2017-6008 is a vulnerability in the HitmanPro scan that allows privilege escalation by exploiting a kernel pool buffer overflow. The exploits here use the Quota Process Pointer Overwrite attack as described in t...
Microsoft Windows Kernel Pool nt!NtQueryObject (ObjectNameInformation) Memory Disclosure Vulnerabi
Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1303&desc=2 We have discovered that the nt!NtQueryObject syscall handler discloses portions of uninitialized pool memory to user-mode clients when the following conditions are me...
Microsoft Windows - 'nt!NtQueryObject (ObjectNameInformation)' Kernel Pool Memory Disclosure
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1303&desc=2 We have discovered that the nt!NtQueryObject syscall handler discloses portions of uninitialized pool memory to user-mode clients when the following conditions are met: a It is invoked with the ObjectNameInformation...
Microsoft Windows - nt!NtQueryObject (ObjectNameInformation) Kernel Pool Memory Disclosure
Microsoft Windows - nt!NtQueryObject ObjectNameInformation Kernel Pool Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1303&desc=2 We have discovered that the nt!NtQueryObject syscall handler discloses portions of uninitialized pool memory to user-mode client...
CVE-2017-6007
A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 included in the HitmanPro.Alert solution and Sophos Clean allows local users to crash the OS via a malformed IOCTL call...
Buffer overflow
A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 included in the HitmanPro.Alert solution and Sophos Clean allows local users to escalate privileges via a malformed IOCTL call...