621 matches found
CVE-2015-2546
CVE-2015-2546 affects the Windows kernel Win32k memory handling (kernel‑mode driver) and enables local privilege escalation via a crafted application on affected Windows versions (Vista SP2 onward, Windows 7 SP1, 8/8.1, 10, Server editions). The root cause is a memory corruption vulnerability in ...
PT-2015-2023 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue exists due to insufficient input validation in the Windows operating system, allowing a local attacker to potentially elevate their privileges using a specially crafted applicatio...
Microsoft Windows Kernel Mode Driver CVE-2015-2527 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange -...
Microsoft Windows Kernel Mode Driver CVE-2015-2511 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange -...
Microsoft Windows Kernel Mode Driver CVE-2015-2517 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange -...
KLA10656 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows and related products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities 1. Imprope...
VulnCheck KEV: CVE-2015-2546
The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application...
CVE-2015-2454
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafte...
Security feature bypass
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafte...
CVE-2015-2454
CVE-2015-2454 concerns a vulnerability in the Windows kernel-mode driver where impersonation level handling is not properly constrained. The issue allows a local attacker to gain privileges by crafting an application, affecting multiple Windows versions listed in the initial document (Vista SP2, ...
CVE-2015-2454
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafte...
Microsoft Windows Kernel KMD Security Feature Bypass Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. A security feature bypass vulnerability exists in Microsoft Windows Kernel KMD, which can be exploited by an attacker to elevate privileges...
Microsoft Windows Server Elevation of Privilege Vulnerability (CNVD-2015-04661)
Microsoft Windows Server is a series of servers based on the windows operating system launched by the United States Microsoft Microsoft. A security vulnerability exists in the win32k.sys file in the kernel-mode driver for Microsoft Windows. A local attacker exploits the vulnerability to gain...
Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerabilities (3070102)
This host is missing an important security update according to Microsoft Bulletin MS15-073. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows ClientCopyImage Improper Object Handling Exploit
This Metasploit module exploits improper object handling in the win32k.sys kernel mode driver. This Metasploit module has been tested on vulnerable builds of Windows 7 x64 and x86, and Windows 2008 R2 SP1 x64. This module requires Metasploit: http://metasploit.com/download Current source:...
CVE-2015-1723
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges...
Microsoft Windows Kernel Mode Driver CVE-2015-1720 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsof...
Windows ClientCopyImage Win32k Exploit
This module exploits improper object handling in the win32k.sys kernel mode driver. This module has been tested on vulnerable builds of Windows 7 x64 and x86, and Windows 2008 R2 SP1 x64. This module requires Metasploit: https://metasploit.com/download Current source:...
Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerability (3045171)
This host is missing an important security update according to Microsoft Bulletin MS15-051. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows Kernel Mode Driver CVE-2015-1679 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information such as kernel memory contents. This may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP...