3876 matches found
Microsoft Windows Kernel - 'win32kfull!SfnINLPUAHDRAWMENUITEM' Stack Memory Disclosure
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1192 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 10 indirectly through the win32k!NtUserPaintMenuBar system call, or more specifically,...
Microsoft Windows Kernel win32k.sys - Multiple Bugs in the NtGdiGetDIBitsInternal System Call Exploi
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1078 We have discovered two bugs in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in all modern versions of Windows...
Microsoft Windows Kernel - win32k.sys Multiple NtGdiGetDIBitsInternal System Call
Microsoft Windows Kernel - win32k.sys Multiple NtGdiGetDIBitsInternal System Call Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1078 We have discovered two bugs in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in...
Microsoft Windows Multiple Vulnerabilities (KB4015217)
This host is missing an important security update according to Microsoft Security update KB4015217. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
CVE-2017-0167
An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further...
Microsoft Windows Monthly Rollup (KB4015549)
This host is missing a monthly rollup according to Microsoft security update KB4015549. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
April 11, 2017—KB4015583 (OS Build 15063.138)
April 11, 2017—KB4015583 OS Build 15063.138 Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issues with updated time zone information. Security updates to Scripting...
KLA11835 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A memory corrupti...
KB4015219: Windows 10 Version 1511 April 2017 Cumulative Update
The remote Windows 10 version 1511 host is missing security update KB4015219. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the open-source libjpeg image processing library due to improper handling of objects in memory. An...
KB4015221: Windows 10 Version 1507 April 2017 Cumulative Update
The remote Windows 10 Version 1507 host is missing security update KB4015221. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the open-source libjpeg image processing library due to improper handling of objects in memory. An...
KB4015583: Windows 10 Version 1703 April 2017 Cumulative Update
The remote Windows 10 version 1703 host is missing security update KB4015583. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the open-source libjpeg image processing library due to improper handling of objects in memory. An...
The vulnerability of the Windows operating system, which allows a perpetrator to manipulate processes or cause service failures
The vulnerability of the Windows operating system’s kernel relates to incorrect access control. Exploiting this vulnerability allows a local attacker to manipulate processes, simulate communication between them, or cause service failures through a specially crafted application...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of kernel-level drivers in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability allows a local attacker to enhance their privileges through a specially created application...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of Windows operating system’s kernel mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to enhance their privileges through a specially created application...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Windows operating system’s kernel is due to an operation going beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a local attacker to enhance their privileges through a specially created application...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of Windows operating system’s kernel mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to enhance their privileges through a specially created application...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of Windows operating system’s kernel mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to enhance their privileges through a specially created application...
Mozilla Patches Pwn2Own Zero Day in Firefox
Mozilla was quick to patch a zero day vulnerability identified in the Firefox browser at the Pwn2Own hacking competition last week. The company remedied the issue just shy of 24 hours of being made aware of the flaw, pushing out the updated version 52.0.1 of the browser late Friday. Asa Dotzler,...
Microsoft Windows Kernel - Registry Hive Loading Crashes in nt!nt!HvpGetBinMemAlloc / nt!ExpFindAndRemoveTagBigPages (MS17-017)
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=993 We have encountered Windows kernel crashes in the internal nt!nt!HvpGetBinMemAlloc and nt!ExpFindAndRemoveTagBigPages functions while loading corrupted registry hive files. We believe both crashes to be caused by the same bug...
Microsoft Windows Kernel - Registry Hive Loading Crashes in nt!nt!HvpGetBinMemAlloc nt!ExpFindAndRemoveTagBigPages (MS17-017)
Microsoft Windows Kernel - Registry Hive Loading Crashes in nt!nt!HvpGetBinMemAlloc nt!ExpFindAndRemoveTagBigPages MS17-017 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=993 We have encountered Windows kernel crashes in the internal nt!nt!HvpGetBinMemAlloc and...