Lucene search
K

20 matches found

NVD
NVD
added 2011/08/10 9:55 p.m.26 views

CVE-2011-1967

Winsrv.dll in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process...

7.2CVSS6.3AI score0.01707EPSS
Exploits0References3
Prion
Prion
added 2011/08/10 9:55 p.m.19 views

Design/Logic Flaw

Winsrv.dll in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process...

7.2CVSS6.8AI score0.01707EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2011/08/10 9:16 p.m.81 views

CVE-2011-1967

CVE-2011-1967 affects the Windows Client/Server Run-time Subsystem (CSRSS) via the Winsrv.dll component. The root cause is improper permission checks when a lower‑integrity process sends inter‑process device‑event messages to a higher‑integrity CSRSS, enabling local privilege escalation. Affected...

7.2CVSS6.4AI score0.01707EPSS
Exploits0References3Affected Software6
Cvelist
Cvelist
added 2011/08/10 9:16 p.m.29 views

CVE-2011-1967

Winsrv.dll in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process...

6.3AI score0.01707EPSS
Exploits0References3
seebug.org
seebug.org
added 2011/08/06 12:0 a.m.12 views

Microsoft Windows CSRSS "SrvGetConsoleTitle()"本地类型转换安全漏洞

BUGTRAQ ID: 49013 Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft Windows CSRSS子系统在SrvGetConsoleTitle的实现上存在本地模式化安全漏洞,本地攻击者可利用此漏洞造成拒绝服务或获取敏感信息。 此漏洞源于在执行某些尺寸检查时,CSRSS中的"SrvGetConsoleTitle"函数winsrv.dll存在类型转换错误。这可导致泄漏某些CSRSS内存或引用无效内存,造成内核崩溃。 Microsoft Windows XP 厂商补丁: Microsoft ---------...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/07/12 12:0 a.m.51 views

MS11-056: Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938)

The remote host allows elevation of privileges in its Windows Client/Server run-time subsystem CSRSS. An attacker could exploit these vulnerabilities to run arbitrary code in kernel mode. The attacker must have valid login credentials and be able to log on locally in order to exploit these...

8.4CVSS6AI score0.02244EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2010/09/14 12:0 a.m.29 views

MS10-069: Vulnerability in Windows Client/Server Runtime Subsystem Could Allow Elevation of Privilege (2121546)

The remote host allows elevation of privileges in its Windows Client/Server run-time subsystem CSRSS because of the way CSRSS assigns memory-specific user transactions. An attacker might exploit this to run arbitrary code in the security context of the local system. C Tenable Network Security, In...

6.9CVSS5.8AI score0.01589EPSS
Exploits0References2
seebug.org
seebug.org
added 2007/01/04 12:0 a.m.30 views

Microsoft Windows Csrss HardError 消息多个安全漏洞

Microsoft Windows是一款流行的操作系统。 Microsoft Windows处理特殊参数的部分API调用时存在问题,本地攻击者可以利用漏洞获得敏感信息或对系统进行拒绝服务攻击。 Microsoft Windows的WINSRV.DLL在处理HardError消息时存在两次释放错误。攻击者如果把MessageBox函数的caption或text参数设置为以“??\”开始的字符串,那么畸形的参数会触发内核内存破坏,导致系统崩溃。 另外CSRSS.exe没有正确的验证由NtRaiseHardError传送的参数,可允许攻击者浏览CSRSS进程内存的内容,导致敏感信息泄露。...

7AI score
Exploits0
seebug.org
seebug.org
added 2007/01/01 12:0 a.m.18 views

Exploits Microsoft Windows NtRaiseHardError Csrss.exe-winsrv.dll Double Free

No description provided by source. ///////////////////////////////////////// ///////////////////////////////////////// ///// Microsoft Windows NtRaiseHardError ///// Csrss.exe-winsrv.dll Double Free ///////////////////////////////////////// ///// Ruben Santamarta ///// ruben at reversemode dot co...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/12/31 12:0 a.m.19 views

MS Windows NtRaiseHardError Csrss.exe-winsrv.dll Double Free

No description provided by source. ///////////////////////////////////////// ///////////////////////////////////////// ///// Microsoft Windows NtRaiseHardError ///// Csrss.exe-winsrv.dll Double Free ///////////////////////////////////////// ///// Ruben Santamarta ///// ruben at reversemode dot co...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/12/31 12:0 a.m.17 views

MS Windows NtRaiseHardError Csrss.exe-winsrv.dll Double Free

Exploit for unknown platform in category dos / poc ============================================================ MS Windows NtRaiseHardError Csrss.exe-winsrv.dll Double Free ============================================================ /////////////////////////////////////////...

7AI score
Exploits0
securityvulns
securityvulns
added 2006/12/31 12:0 a.m.79 views

csrss.exe double-free vulnerability - arbitrary DWORD overwrite exploit

Hi, For those researchers who are interested in the Csrss Double-Free vulnerability, I have coded an arbitrary DWORD overwrite exploit. This flaw is hard to exploit at least for me due to the the "fail-and-die" situation. Corrupting the heap in a process like Csrss is dangerous. However, by...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2006/12/31 12:0 a.m.13 views

Microsoft Windows - Csrss.exewinsrv.dll NtRaiseHardError Double-Free

Microsoft Windows - Csrss.exewinsrv.dll NtRaiseHardError Double-Free ///////////////////////////////////////// ///////////////////////////////////////// ///// Microsoft Windows NtRaiseHardError ///// Csrss.exe-winsrv.dll Double Free ///////////////////////////////////////// ///// Ruben Santamarta...

Exploits0
Exploit DB
Exploit DB
added 2006/12/31 12:0 a.m.33 views

Microsoft Windows - 'Csrss.exe/winsrv.dll' NtRaiseHardError Double-Free

///////////////////////////////////////// ///////////////////////////////////////// ///// Microsoft Windows NtRaiseHardError ///// Csrss.exe-winsrv.dll Double Free ///////////////////////////////////////// ///// Ruben Santamarta ///// ruben at reversemode dot com ///// www.reversemode.com...

7.4AI score
Exploits0
NVD
NVD
added 2006/12/22 2:28 a.m.30 views

CVE-2006-6696

Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MBSERVICENOTIFICATION message with crafted data, which sends a HardError message to Client/Server Runtime Server Subsystem CSRSS process, which ...

6.9CVSS6.2AI score0.03284EPSS
Exploits1References23
CVE
CVE
added 2006/12/22 2:0 a.m.91 views

CVE-2006-6696

CVE-2006-6696 is a CSRSS vulnerability in Windows where improper handling of a MessageBox call with MB_SERVICE_NOTIFICATION can send a crafted HardError to CSRSS, enabling remote code execution. Public details indicate the issue affects multiple Windows versions (Windows 2000, XP, Server 2003, Vi...

6.9CVSS6.2AI score0.03284EPSS
Exploits1References23Affected Software4
NVD
NVD
added 2005/05/02 4:0 a.m.15 views

CVE-2005-0551

Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System CSRSS process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long...

10CVSS6.6AI score0.21533EPSS
Exploits0References6
CVE
CVE
added 2005/04/13 4:0 a.m.59 views

CVE-2005-0551

CVE-2005-0551 corresponds to a local privilege-elevation vulnerability in CSRSS (Client Server Runtime Subsystem) via WINSRV.DLL handling a console window FaceName string. A stack-based buffer overflow in CONSOLE_STATE_INFO (FaceName[32]) can be triggered by a crafted console window, enabling a l...

10CVSS6.6AI score0.21533EPSS
Exploits0References6Affected Software3
Cvelist
Cvelist
added 2005/04/13 4:0 a.m.25 views

CVE-2005-0551

Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System CSRSS process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long...

6.6AI score0.21533EPSS
Exploits0References6
securityvulns
securityvulns
added 2005/04/13 12:0 a.m.44 views

iDEFENSE Security Advisory 04.12.05: Microsoft Windows CSRSS.EXE Stack Overflow Vulnerability

Microsoft Windows CSRSS.EXE Stack Overflow Vulnerability iDEFENSE Security Advisory 04.12.05 www.idefense.com/application/poi/display?id=230&type=vulnerabilities April 12, 2005 I. BACKGROUND The Win32 application-programming interface API offers a console windows feature that provides a means to...

10CVSS0.7AI score0.21533EPSS
Exploits0
Rows per page
Query Builder