4305 matches found
CVE-2011-0090
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, ak...
CVE-2011-0087
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Insufficient User Input...
MS11-007: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)
The remote Windows host contains a version of the OpenType Compact Font Format CFF Font Driver that fails to properly validate certain data passed from user mode to kernel mode. A remote attacker could exploit this by tricking a user into viewing content rendered in a specially crafted CFF font v...
PT-2011-2076 · Microsoft · Windows Server 2003 +5
Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 through SP3; Windows Server 2003 version SP2; Windows Vista versions SP1 through SP2; Windows Server 2008 versions Gold through SP2 and R2; Windows 7 (affected versions not specified). Description: The issue arises from...
FreeBSD 8.0 Local Denial of Service (forced reboot)
Exploit for bsd platform in category dos / poc Exploit Title: FreeBSD local denial of service - forced reboot Date: 28. January 2011 Author: Kingcope Software Link: http://www.freebsd.org Operating System: FreeBSD Tested on: 8.0-RELEASE This source code when compiled and executed will reboot at...
DEBIAN-CVE-2010-4255
The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a...
CVE-2010-4255
The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a...
Memory corruption
The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a...
Hardcoded credentials
The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm, a...
CVE-2010-2743
The CVE-2010-2743 issue affects Windows XP SP3 kernel-mode components, specifically the Win32k NtUserLoadKeyboardLayoutEx path, where indexing of a function-pointer table during loading of keyboard layouts from disk allows a local user to escalate privileges. The underlying cause is improper hand...
CVE-2010-2743
The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm, a...
PT-2011-1379 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: An issue exists due to the way Windows kernel-mode drivers load specific keyboard layouts, allowing an attacker to potentially run arbitrary code in kernel mode. This could enable the...
Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys <= 2011.1.13.89 Local Kernel Mode D.O.S Exploit(3 lines of code)
Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys = 2011.1.13.89 Local Kernel Mode D.O.S Exploit Date: 2011-1-16 Author: MJ0011 Version: KingSoft AntiVirus 2011 SP5.2 with KisKrnl.sys =2011.1.13.89 Tested on: Windows XP SP3 DETAILS: KisKrnl.sys hook the kernel function KiFastCallEntry , but is not...
Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode Denial of Service
Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode Denial of Service Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys = 2011.1.13.89 Local Kernel Mode D.O.S Exploit Date: 2011-1-16 Author: MJ0011 Software Link: http://cd001.www.duba.net/duba/install/2011/once/KAV110114DOWN913.exe...
xen: 64-bit PV xen guest can crash host by accessing hypervisor per-domain memory area
The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a...
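Microsoft Windows "Win32k.sys" Double-Free Local Privilege Escalation Vulnerability (MS10-098)
BUGTRAQ ID: 45287 CVE ID: CVE-2010-3941 Microsoft Windows is a very popular operating system released by Microsoft. A double-free vulnerability exists in the implementation of the Win32k.sys driver in Microsoft Windows; a local attacker can exploit it to execute arbitrary code with kernel-level privileges and take complete control of the affected computer. Microsoft Windows XP Microsoft Vista Microsoft Server 2008 Vendor patch: Microsoft --------- Microsoft has released a security bulletin (MS10-098) and corresponding patches for this:...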
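Microsoft Office TIFF Image Converter Memory Corruption Vulnerability (MS10-098)
BUGTRAQ ID: 45285 CVE ID: CVE-2010-3950 Microsoft Office is a very popular office software suite. A vulnerability exists in how Microsoft Office handles TIFF image files containing malformed structure data; an attacker can exploit it by tricking a user into opening a malicious Office file to execute arbitrary code as the currently logged-in user or cause a denial of service. Microsoft Office XP SP3 Microsoft Works 9.0 Vendor patch: Microsoft --------- Microsoft has released a security bulletin (MS10-098) and corresponding patches for this: MS10-098:Vulnerabilities...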
ViRobot Desktop 5.5 and Server 3.5 2008.8.1.1 - Local Privilege Escalation
ViRobot Desktop 5.5 and Server 3.5 2008.8.1.1 - Local Privilege Escalation Hauri ViRobot Desktop 5.5 & ViRobot Server 3.5 VRsecos.sys =2008.8.1.1 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder$126.com VULNERABLE PRODUCTS Hauri ViRobot Desktop 5.5 and below Haur...
AhnLab V3 Internet Security 8.0 <= 1.2.0.4 Privilege Escalation
Exploit for windows platform in category local exploits AhnLab V3 Internet Security 8.0 with AhnRec2k.sys = 1.2.0.4 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder $ 126.com VULNERABLE PRODUCTS AhnLab V3 Internet Security = 8.0.3.28(build 746 DETAILS:...