4304 matches found
CVE-2010-0485
The CVE-2010-0485 issue affects Windows kernel-mode drivers in win32k.sys across multiple OS versions (Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2, Windows 7, Server 2008 R2). The vulnerability stems from improper validation of callback parameters when creat...
CVE-2010-1255
CVE-2010-1255 maps to the Win32k TrueType Font Parsing Vulnerability in Windows kernel-mode driver win32k.sys. The issue concerns how glyph outline information is provided to user-mode applications, enabling local users to execute arbitrary code in kernel mode. Affected products include Windows 2...
CVE-2010-1255
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 allows local users to execute arbitrary code via vectors related to "glyph outline information" and TrueType...
CVE-2010-0485
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execu...
PT-2010-2960 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue allows local users to execute arbitrary code via vectors related to glyph outline information and TrueType fonts. An elevation of privilege vulnerability exists due ...
PT-2010-2246 · Microsoft · Windows Xp +7
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 SP4 through 2000 SP4 Microsoft Windows versions XP SP2 through XP SP3 Microsoft Windows versions Server 2003 SP2 Microsoft Windows versions Vista SP1 through Vista SP2 Microsoft Windows versions Server 2008 Gol...
PT-2010-2245 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue arises from the Windows kernel-mode drivers not properly validating changes in certain kernel objects, allowing local users to execute arbitrary code. This could...
PT-2010-2545 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue is related to improper validation when copying data from user mode to kernel mode in the Windows OpenType Compact Font Format CFF driver. This allows local users to...
Microsoft Security Bulletin MS10-032 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)
Microsoft Security Bulletin MS10-032 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege 979559 Published: June 08, 2010 Version: 1.0 General Information Executive Summary This security update resolves two publicly disclosed vulnerabilities and one...
Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability
Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And KAVSafe.sys = 2010.4.14.609 Signature Date: 2010-4-14 13:42:26 DETAILS: Kavsafe.sys create a...
Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability
Kavsafe.sys creates a device called DeviceKAVSafe and handles DeviceIoControl request IoControlCode = 0x830020d4, which can overwrite arbitrary kernel module data. Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And KAVSafe.sys = 2010.4.14.609 Signature Date: 2010-4-14...
Kingsoft Webshield 'KAVSafe.sys' 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation
Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And KAVSafe.sys = 2010.4.14.609 Signature Date: 2010-4-14 13:42:26 DETAILS: Kavsafe.sys create ...
Kingsoft Webshield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation
Kingsoft Webshield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation. Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And...
Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Local Priv
Exploit for linux platform in category local exploits. Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Priv. Escalation...
CVE-2009-3678
CVE-2009-3678 describes an unauthenticated remote code-execution vulnerability in the Canonical Display Driver (cdd.dll) for 64-bit Windows 7/Windows Server 2008 R2 when the Windows Aero theme is enabled. The root cause is improper parsing of data copied from user-mode to kernel-mode in the Canon...
CVE-2009-3678
Integer overflow in cdd.dll in the Canonical Display Driver CDD in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service reboot or possibly execute arbitrary code via a crafted...
FreeBSD 6.4 root shell exploit 0 day-vulnerability warning-the black bar safety net
FreeBSD 6.4 and below are vulnerable to a race condition between pipeclose and knlistcleardel resulting in NULL pointer dereference. The following code exploits the vulnerability to run code in kernel mode, giving root she...
Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference
$Id: ms09050smb2negotiatefuncindex.rb 8656 2010-02-26 13:42:17Z sf $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...