ViRobot Desktop 5.5 / Server 3.5 Privilege Escalation

Hauri ViRobot Desktop 5.5 & ViRobot Server 3.5 VRsecos.sys =2008.8.1.1 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder$126.com VULNERABLE PRODUCTS Hauri ViRobot Desktop 5.5 and below Hauri ViRobot Server 3.5 and below DETAILS: VRsecos.sys create a device called...

AhnLab V3 Internet Security 8.0 < 1.2.0.4 - Local Privilege Escalation

AhnLab V3 Internet Security 8.0 with AhnRec2k.sys = 1.2.0.4 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder $ 126.com VULNERABLE PRODUCTS AhnLab V3 Internet Security = 8.0.3.28（build 746 DETAILS: AhnRec2k.sys create a device called "AhnRecDrv" , and handles...

ViRobot Desktop 5.5 and Server 3.5 < 2008.8.1.1 - Local Privilege Escalation

Hauri ViRobot Desktop 5.5 & ViRobot Server 3.5 VRsecos.sys =2008.8.1.1 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder$126.com VULNERABLE PRODUCTS Hauri ViRobot Desktop 5.5 and below Hauri ViRobot Server 3.5 and below DETAILS: VRsecos.sys create a device called...

AhnLab V3 Internet Security 8.0 Privilege Escalation

AhnLab V3 Internet Security 8.0 with AhnRec2k.sys = 1.2.0.4 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder $ 126.com VULNERABLE PRODUCTS AhnLab V3 Internet Security = 8.0.3.28（build 746 DETAILS: AhnRec2k.sys create a device called "AhnRecDrv" , and handles...

AhnLab V3 Internet Security 8.0 1.2.0.4 - Local Privilege Escalation

AhnLab V3 Internet Security 8.0 1.2.0.4 - Local Privilege Escalation AhnLab V3 Internet Security 8.0 with AhnRec2k.sys = 1.2.0.4 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder $ 126.com VULNERABLE PRODUCTS AhnLab V3 Internet Security = 8.0.3.28（build 746 DETAIL...

NProtect Anti-Virus 2007 < 2010.5.11.1 - Local Privilege Escalation

NProtect Anti-Virus 2007 with TKRgAc2k.sys FsContext for each process to open the device,and save key/key value /virus name /event object in FsContext. Here contains a design error , if a registry operation is intercepted and match the rules , but event handle has not been set, TKAcRg2k.sys will...

ESTsoft ALYac Anti-Virus 1.5 <= 5.0.1.2 Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits ESTsoft ALYac Anti-Virus 1.5 with AYDrvNT.sys = 5.0.1.2 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder$126.com VULNERABLE PRODUCTS ALYac Anti-Virus 1.5 DETAILS: AYDrvNT.sys create a device called...

NProtect Anti-Virus 2007 Privilege Escalation

NProtect Anti-Virus 2007 with TKRgAc2k.sys FsContext for each process to open the device,and save key/key value /virus name /event object in FsContext. Here contains a design error , if a registry operation is intercepted and match the rules , but event handle has not been set, TKAcRg2k.sys will...

NProtect Anti-Virus 2007 2010.5.11.1 - Local Privilege Escalation

NProtect Anti-Virus 2007 2010.5.11.1 - Local Privilege Escalation NProtect Anti-Virus 2007 with TKRgAc2k.sys FsContext for each process to open the device,and save key/key value /virus name /event object in FsContext. Here contains a design error , if a registry operation is intercepted and match...

ESTsoft ALYac Anti-Virus 1.5 Privilege Escalation

ESTsoft ALYac Anti-Virus 1.5 with AYDrvNT.sys = 5.0.1.2 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder$126.com VULNERABLE PRODUCTS ALYac Anti-Virus 1.5 DETAILS: AYDrvNT.sys create a device called "AYDrvNTALYAC" , and handles the device io control code = 0x223e2...

CVE-2010-3943

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly link driver objects, which allows local users to gain privileges via a crafted application that...

Design/Logic Flaw

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for copies from user mode, which allows local users to gain privileges via a crafte...

Double free

Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted application, aka "Win32k PFE Pointer...

Memory corruption

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability."...

CVE-2010-3944

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability."...

CVE-2010-3939

CVE-2010-3939 describes a local privilege-escalation vulnerability in the Windows kernel via the win32k.sys driver. Affected products include Windows XP (SP2/SP3), Windows Server 2003 (SP2), Windows Vista (SP1/SP2), Windows Server 2008 (Gold, SP2, and R2), and Windows 7. The root cause is imprope...

CVE-2010-3939

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via vectors related to improper memory allocation for copies...

CVE-2010-3942

CVE-2010-3942 affects Windows kernel-mode driver win32k.sys, where memory allocation for copies from user mode is flawed, enabling local privilege escalation on affected Windows versions (XP SP2/SP3, 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7). Connected sources corroborate t...

PT-2010-5192 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 through SP2 Microsoft Windows Server 2008 versions Gold, SP2, and R2 Microsoft Windows 7 affected versions not...

PT-2010-5181 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 through SP3 Windows Server 2003 version SP2 Windows Vista versions SP1 through SP2 Windows Server 2008 versions Gold through SP2 and R2 Windows 7 affected versions not specified Description: The issue is related to the...