Lucene search
K

213 matches found

Packet Storm
Packet Storm
added 2010/12/17 12:0 a.m.26 views

NProtect Anti-Virus 2007 Privilege Escalation

NProtect Anti-Virus 2007 with TKRgAc2k.sys FsContext for each process to open the device,and save key/key value /virus name /event object in FsContext. Here contains a design error , if a registry operation is intercepted and match the rules , but event handle has not been set, TKAcRg2k.sys will...

0.7AI score
Exploits0
0day.today
0day.today
added 2010/12/17 12:0 a.m.27 views

NProtect Anti-Virus 2007 <= 2010.5.11.1 Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits NProtect Anti-Virus 2007 with TKRgAc2k.sys FsContext for each process to open the device,and save key/key value /virus name /event object in FsContext. Here contains a design error , if a registry operation is intercepted and match the rules...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2010/11/08 12:0 a.m.13 views

G Data TotalCare 2011 - Local Kernel

G Data TotalCare 2011 - Local Kernel / Exploit Title: G Data TotalCare 2011 0day Local Kernel Exploit Date: 2010-11-08 Author: Nikita Tarakanov CISS Research Team Software Link: http://www.gdata.de/ Version: up to date, version 21.1.0.5, MiniIcpt.sys version 1.0.8.9 Tested on: Win XP SP3 CVE :...

Exploits0
Packet Storm
Packet Storm
added 2010/11/08 12:0 a.m.17 views

G Data TotalCare 2011 Local Kernel Exploit

/ Exploit Title: G Data TotalCare 2011 0day Local Kernel Exploit Date: 2010-11-08 Author: Nikita Tarakanov CISS Research Team Software Link: http://www.gdata.de/ Version: up to date, version 21.1.0.5, MiniIcpt.sys version 1.0.8.9 Tested on: Win XP SP3 CVE : CVE-NO-MATCH Status : Unpatched / inclu...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/11/08 12:0 a.m.26 views

G Data TotalCare 2011 - Local Kernel

/ Exploit Title: G Data TotalCare 2011 0day Local Kernel Exploit Date: 2010-11-08 Author: Nikita Tarakanov CISS Research Team Software Link: http://www.gdata.de/ Version: up to date, version 21.1.0.5, MiniIcpt.sys version 1.0.8.9 Tested on: Win XP SP3 CVE : CVE-NO-MATCH Status : Unpatched / inclu...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2010/11/03 12:0 a.m.22 views

Trend Micro Titanium Maximum Security 2011 0day Local Kernel Exploit

No description provided by source. 1.Description: The tmtdi.sys kernel driver distributed with Trend Micro Titanium Maximum Security 2011 contains a pointer overwrite vulnerability in the handling of IOCTL 0x220404. Exploitation of this issue allows an attacker to execute arbitrary code within th...

7.1AI score
Exploits0
0day.today
0day.today
added 2010/11/02 12:0 a.m.36 views

Trend Micro Titanium Maximum Security 2011 0day Local Kernel Exploit

Exploit for windows platform in category local exploits ==================================================================== Trend Micro Titanium Maximum Security 2011 0day Local Kernel Exploit ==================================================================== 1.Description: The tmtdi.sys kerne...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2010/11/01 12:0 a.m.36 views

Trend Micro Titanium Maximum Security 2011 - Local Kernel

/ 1.Description: The tmtdi.sys kernel driver distributed with Trend Micro Titanium Maximum Security 2011 contains a pointer overwrite vulnerability in the handling of IOCTL 0x220404. Exploitation of this issue allows an attacker to execute arbitrary code within the kernel. An attacker would need...

7.4AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2010/05/24 7:30 p.m.5 views

CVE-2010-2031

KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device...

7.2CVSS5.6AI score0.00753EPSS
Exploits1References5
seebug.org
seebug.org
added 2010/04/24 12:0 a.m.9 views

Windows win32k.sys驱动SfnLOGONNOTIFY本地内核拒绝服务漏洞

BUGTRAQ ID: 39630 Microsoft Windows是微软发布的非常流行的操作系统。 Windows操作系统所使用的Win32k.sys驱动在DispatchMessage时,会最后调用到xxxDefWindowProc。该函数在处理某些消息时会调用gapfnScSendMessage函数表中的函数来处理,其中2000/xp/2003下在处理0x4c号消息时,会有一个名为 SfnLOGONNOTIFY的函数。当wParam == 4/13/12时该函数直接从lParam里取出数据。尽管函数内使用了SEH,但是只要传递错误的内核地址,仍然会引发系统崩溃。 伪代码: if...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2010/04/24 12:0 a.m.21 views

Windows win32k.sys驱动ImeCanDestroyDefIMEforChild本地内核拒绝服务漏洞

Microsoft Windows是微软发布的非常流行的操作系统。 在Win32k!NtUserDestroyWindow-xxxDestroyWindow时,试图为子窗口销毁IME窗口时会调用 ImeCanDestroyDefIMEforChild函数。这个函数会在一个while循环中取得窗口的父窗口,试图确定窗口的子窗口和当前销毁的窗口是否属于同一个线程的,大概代码如下: if pwndDestroy-spwndParent == NULL return FALSE ; pwnd = pwndDestroy; while pwnd != NULL && pwnd !=...

7AI score
Exploits0
securityvulns
securityvulns
added 2010/04/23 12:0 a.m.44 views

Windows 2000/XP/2003 win32k.sys SfnLOGONNOTIFY local kernel Denial of Service Vulnerability

Windows 2000/XP/2003 win32k.sys SfnLOGONNOTIFY local kernel Denial of Service Vulnerability Effect : Microsoft Windows 2000/XP/2003 full patch Author:MJ0011 Published: 2010-04-22 Vulnerability Details: Win32k.sys in DispatchMessage when the last call to xxxDefWindowProc, this function in dealing...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2010/04/22 12:0 a.m.15 views

Microsoft Windows XP20002003 - win32k.sys SfnLOGONNOTIFY Local kernel Denial of Service

Microsoft Windows XP20002003 - win32k.sys SfnLOGONNOTIFY Local kernel Denial of Service / Windows 2000/XP/2003 win32k.sys SfnLOGONNOTIFY local kernel Denial of Service Vulnerability Effect : Microsoft Windows 2000/XP/2003 full patch Author:MJ0011 Published: 2010-04-22 Vulnerability Details:...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2010/04/22 12:0 a.m.18 views

Microsoft Windows XP20002003 - win32k.sys SfnINSTRING Local kernel Denial of Service

Microsoft Windows XP20002003 - win32k.sys SfnINSTRING Local kernel Denial of Service / Windows 2000/XP/2003 win32k.sys SfnINSTRING local kernel Denial of Service Vulnerability Effect : Microsoft Windows 2000/XP/2003 full patch Author:MJ0011 Published: 2010-04-22 Vulnerability Details: Win32k.sys ...

Exploits0
0day.today
0day.today
added 2010/04/22 12:0 a.m.19 views

Windows 2000/XP/2003 win32k.sys SfnLOGONNOTIFY local kernel DoS

Exploit for windows platform in category dos / poc =========================================================================================== Windows 2000/XP/2003 win32k.sys SfnLOGONNOTIFY local kernel Denial of Service Vulnerability...

7AI score
Exploits0
0day.today
0day.today
added 2010/04/22 12:0 a.m.24 views

Windows 2000/XP/2003 win32k.sys SfnINSTRING local kernel DoS

Exploit for windows platform in category dos / poc ======================================================================================== Windows 2000/XP/2003 win32k.sys SfnINSTRING local kernel Denial of Service Vulnerability...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2010/04/22 12:0 a.m.33 views

Microsoft Windows XP/2000/2003 - &#039;win32k.sys&#039; SfnLOGONNOTIFY Local kernel Denial of Service

/ Windows 2000/XP/2003 win32k.sys SfnLOGONNOTIFY local kernel Denial of Service Vulnerability Effect : Microsoft Windows 2000/XP/2003 full patch Author:MJ0011 Published: 2010-04-22 Vulnerability Details: Win32k.sys in DispatchMessage when the last call to xxxDefWindowProc, this function in dealin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/04/22 12:0 a.m.30 views

Microsoft Windows XP/2000/2003 - &#039;win32k.sys&#039; SfnINSTRING Local kernel Denial of Service

/ Windows 2000/XP/2003 win32k.sys SfnINSTRING local kernel Denial of Service Vulnerability Effect : Microsoft Windows 2000/XP/2003 full patch Author:MJ0011 Published: 2010-04-22 Vulnerability Details: Win32k.sys in DispatchMessage when the last call to xxxDefWindowProc, this function in dealing...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/01/22 12:0 a.m.22 views

Authentium SafeCentral 2.6 - shdrv.sys Local Kernel Ring0 SYSTEM

Authentium SafeCentral 2.6 - shdrv.sys Local Kernel Ring0 SYSTEM / safecentral-unharden-v2.c Copyright c 2009 by Authentium SafeCentral include include include define SAFECNTRLIOCTL 0x00226003 static unsigned char win32fixup = "\x53" "\xb8\x00\x00\x00\x00" "\xbb\x00\x00\x00\x00" "\x8b\x00"...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2010/01/22 12:0 a.m.41 views

Authentium SafeCentral 2.6 - &#039;shdrv.sys&#039; Local Kernel Ring0 SYSTEM

/ safecentral-unharden-v2.c Copyright c 2009 by Authentium SafeCentral include include include define SAFECNTRLIOCTL 0x00226003 static unsigned char win32fixup = "\x53" "\xb8\x00\x00\x00\x00" "\xbb\x00\x00\x00\x00" "\x8b\x00" "\x89\x03" "\x31\xdb" "\x4b" "\x89\x18"; / Win2k3 SP1/2 - kernel EPROCE...

7.4AI score
Exploits0
Rows per page
Query Builder