122 matches found
Buffer overflow
A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 included in the HitmanPro.Alert solution and Sophos Clean allows local users to crash the OS via a malformed IOCTL call...
CVE-2017-6007
A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 included in the HitmanPro.Alert solution and Sophos Clean allows local users to crash the OS via a malformed IOCTL call...
CVE-2017-6008
A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 included in the HitmanPro.Alert solution and Sophos Clean allows local users to escalate privileges via a malformed IOCTL call...
CVE-2017-6008
A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 included in the HitmanPro.Alert solution and Sophos Clean allows local users to escalate privileges via a malformed IOCTL call...
CVE-2017-6007
CVE-2017-6007 describes a kernel pool overflow in the driver hitmanpro37.sys used by Sophos SurfRight HitmanPro (and HitmanPro.Alert/Sophos Clean). The vulnerability allows a local attacker to crash the operating system via a malformed IOCTL call. Affected software is HitmanPro before 3.7.20 Buil...
CVE-2017-6008
CVE-2017-6008 affects Sophos SurfRight HitmanPro driver HitmanPro37.sys (pre-3.7.20 Build 286). It describes a local privilege escalation via a kernel pool overflow triggered by a malformed IOCTL, enabling arbitrary kernel memory manipulation and SYSTEM-level access. Connected documents outline e...
CVE-2017-6008
A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 included in the HitmanPro.Alert solution and Sophos Clean allows local users to escalate privileges via a malformed IOCTL call...
CVE-2017-14344
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL...
CVE-2017-14344
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL...
Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow / Local Privilege Escalation (2)
-- coding: utf-8 -- """ Jungo DriverWizard WinDriver Kernel Pool Overflow Vulnerability Download: http://www.jungo.com/st/products/windriver/ File: WD1240.EXE Sha1: 3527cc974ec885166f0d96f6aedc8e542bb66cba Driver: windrvr1240.sys Sha1: 0f212075d86ef7e859c1941f8e5b9e7a6f2558ad CVE: CVE-2017-14344...
Jungo DriverWizard WinDriver 12.4.0 Overflow
-- coding: utf-8 -- """ Jungo DriverWizard WinDriver Kernel Pool Overflow Vulnerability Download: http://www.jungo.com/st/products/windriver/ File: WD1240.EXE Sha1: 3527cc974ec885166f0d96f6aedc8e542bb66cba Driver: windrvr1240.sys Sha1: 0f212075d86ef7e859c1941f8e5b9e7a6f2558ad CVE: CVE-2017-14344...
Jungo DriverWizard WinDriver 12.4.0 - Kernel Pool Overflow Local Privilege Escalation (2)
Jungo DriverWizard WinDriver 12.4.0 - Kernel Pool Overflow Local Privilege Escalation 2 -- coding: utf-8 -- """ Jungo DriverWizard WinDriver Kernel Pool Overflow Vulnerability Download: http://www.jungo.com/st/products/windriver/ File: WD1240.EXE Sha1: 3527cc974ec885166f0d96f6aedc8e542bb66cba...
CVE-2017-14153
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL...
Code injection
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL...
CVE-2017-14153
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL...
Jungo DriverWizard WinDrive Overflow
-- coding: utf-8 -- """ Jungo DriverWizard WinDriver Kernel Pool Overflow Vulnerability Download: http://www.jungo.com/st/products/windriver/ File: WD1240.EXE Sha1: 3527cc974ec885166f0d96f6aedc8e542bb66cba Driver: windrvr1240.sys Sha1: 0f212075d86ef7e859c1941f8e5b9e7a6f2558ad CVE: CVE-2017-14153...
Jungo DriverWizard WinDriver 12.4.0 - Kernel Pool Overflow Local Privilege Escalation (1)
Jungo DriverWizard WinDriver 12.4.0 - Kernel Pool Overflow Local Privilege Escalation 1 -- coding: utf-8 -- """ Jungo DriverWizard WinDriver Kernel Pool Overflow Vulnerability Download: http://www.jungo.com/st/products/windriver/ File: WD1240.EXE Sha1: 3527cc974ec885166f0d96f6aedc8e542bb66cba...
SRC-2017-0026 : Jungo DriverWizard WinDriver Kernel Pool Overflow Privilege Escalation Vulnerability
Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Jungo WinDriver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...
Kernel pool overflow exploit combat of Windows 10-bug warning-the black bar safety net
One, Foreword This is the kernel pool overflow exploit combat of Windows 7 throughout the sequel, we will be in the Windows 10 system to achieve the same exploits, it will be more challenging because of Microsoft ever since Windows 8 has taken a lot for the kernel pool attacks defenses. This...
Windows Kernel pool memory disclosure in nt!NtNotifyChangeDirectoryFile(CVE-2017-0299)
We have discovered that the nt!NtNotifyChangeDirectoryFile system call discloses portions of uninitialized pool memory to user-mode clients, due to output structure alignment holes. On our test Windows 10 32-bit workstation, an example layout of the output buffer is as follows: --- cut ---...