CVE-2024-38253
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability...
Privilege escalation
The Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2, when a Chinese, Japanese, or Korean system locale is used, can access uninitialized memory during the processing of Unicode characters, which...
CVE-2011-1283
The Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 does not ensure that an unspecified array index has a non-negative value before performing read and...
Integer overflow
Integer overflow in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cau...
CVE-2011-1870
CVE-2011-1870 is an integer overflow vulnerability in the Windows CSRSS component of the Win32 subsystem. The flaw occurs in SrvWriteConsoleOutputString, allowing a local attacker to cause memory corruption and potentially elevate privileges to kernel mode on affected systems (Windows XP SP2/SP3 ...
CVE-2011-1283
The CVE-2011-1283 entry concerns the Windows CSRSS component in the Win32 subsystem. The vulnerability arises from an array index check flaw in SrvSetConsoleNumberOfCommand, allowing a local attacker to cause memory corruption and elevate privileges by triggering an incorrect memory assignment fo...
CVE-2011-1870
Integer overflow in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect...
Memory corruption
The Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly restrict the number of console objects for a...
CVE-2010-1891
The Client/Server Runtime Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2, when a Chinese, Japanese, or Korean locale is enabled, does not properly allocate memory for transactions, which allows local users to gain privileges via a crafted...
CVE-2010-1891
CVE-2010-1891 affects the Windows Client/Server Runtime Subsystem (CSRSS) in the Win32 subsystem on Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability stems from improper memory allocation for transactions when Chinese, Japanese, or Korean locales are enabled, allowing local users ...
Published some of Ring3 at the end of the process of skill-vulnerability warning-the black bar safety net
In response to the XHR call, on May 5, 2008, re-finishing, and some new skills. On July 13, 2008, to increase a skill. All of OpenProcess/ZwOpenProcess/OpenThread/ZwOpenThread can replace the ZwQuerySystemInformation-ZwOpenProcess-ZwDuplicateObject it. Specific is why your own...
Microsoft Client Server Runtime System Vulnerability
Overview: The Microsoft Client Server Runtime System (CSRSS) incorrectly validates certain messages, potentially resulting in privilege elevation. Description: CSRSS is the user-mode part of the Win32 subsystem. Win32.sys is the kernel-mode portion of the Win32 subsystem. The Win32 subsystem must be...