351 matches found
CVE-2013-3878
CVE-2013-3878 describes a local POST- exploitation vulnerability in the LRPC client of Microsoft Windows XP SP2/SP3 and Windows Server 2003 SP2. The issue is a stack-based buffer overflow triggered when an LRPC server sends a crafted LPC port message, allowing an authenticated local attacker to g...
CVE-2010-0235
CVE-2010-0235 is the Windows Kernel Symbolic Link Value Vulnerability. The provided documents confirm a denial-of-service impact (system becomes unresponsive and reboots) caused by improper validation of symbolic link values when created by the Windows kernel. Affected products (per MS10-021 and ...
CVE-2011-0043
CVE-2011-0043 affects Kerberos in Windows XP SP2/SP3 and Windows Server 2003 SP2. The root cause is use of weak hashing (CRC32) in service tickets, enabling local privilege escalation by a crafted service ticket. Public mitigations are documented in MS11-013, which addresses Kerberos-related elev...
CVE-2011-0666
CVE-2011-0666 is a use-after-free vulnerability in the Windows kernel-mode driver win32k.sys affecting Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 (Gold, SP2, R2, R2 SP1), and Windows 7 (Gold, SP1). The issue arises from incorrect driver object manageme...
CVE-2011-0674
CVE-2011-0674 is a use-after-free in the Windows kernel-mode driver win32k.sys that allows local privilege escalation. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 SP2/R2, and Windows 7 SP1. Root cause: incorrect management of k...
CVE-2012-0149
CVE-2012-0149 affects the Windows Ancillary Function Driver (afd.sys) used by Windows Server 2003 SP2. The vulnerability arises from improper validation of user-mode input passed to kernel mode, enabling local privilege escalation. CVSS2 base score is 7.2 (HIGH) with local attack vector and no au...
CVE-2012-2527
CVE-2012-2527 is a use-after-free vulnerability in win32k.sys (kernel-mode drivers) that affects Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2/R2 SP1, and Windows 7 Gold/SP1. The flaw allows local users to gain privileges via a crafted application, wit...
CVE-2013-1256
CVE-2013-1256 describes a race condition in the Windows kernel-mode driver win32k.sys that allows local privilege escalation and reading arbitrary kernel memory. Affected products span Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2/R2 SP1, and Windows 7...
CVE-2013-1264
CVE-2013-1264 describes a race condition in the Windows kernel driver win32k.sys that enables local privilege escalation and the potential to read arbitrary kernel memory. Affected products/versions include Windows XP (SP2–SP3), Windows Server 2003 (SP2), Windows Vista (SP2), Windows Server 2008 ...
CVE-2013-1271
CVE-2013-1271 is a race condition in the Windows kernel-mode driver win32k.sys that allows local users to gain privileges and read arbitrary kernel memory. Affected products/versions include Windows XP SP2-SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2/R2 SP1, and Win...
CVE-2009-1139
CVE-2009-1139 is a memory leak/denial-of-service vulnerability in the LDAP service of Active Directory and ADAM. A remote attacker can trigger memory exhaustion by sending LDAP/LDAPS requests with specific OID filters. Affected: Windows 2000 Server SP4, Windows Server 2003 SP2, and ADAM on Window...
CVE-2010-0238
CVE-2010-0238 corresponds to the Windows Kernel Registry Key Vulnerability. A denial-of-service occurs when the Windows kernel validates registry keys, enabling a crafted local app to cause the system to become unresponsive and reboot on affected products: Windows 2000 SP4, XP SP2/SP3, Server 200...
CVE-2011-1873
The CVE-2011-1873 entry documents a remote code execution flaw in win32k.sys, affecting 64-bit Windows systems (XP SP2, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7 SP1) where OpenType font parsing allows crafted OTF files to execute code in kernel mode. Root cause: impr...
CVE-2011-1884
CVE-2011-1884 describes a use-after-free vulnerability in the Windows kernel‑mode driver component win32k.sys. The flaw arises from incorrect management of driver objects in the Win32k subsystem, enabling a local attacker to gain privileges by running a crafted application. Affected platforms inc...
CVE-2011-1968
CVE-2011-1968 affects the Remote Desktop Protocol (RDP) implementation in Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability arises from improper handling of in-memory RDP packets, enabling an unauthenticated, remote attacker to cause a denial of service (reboot) by triggering acce...
CVE-2013-1253
The CVE concerns a race condition in the Windows kernel-mode driver win32k.sys (affecting Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, and Windows 7 SP1). The underlying flaw allows local attackers to escalate privileges and read arbitrary kernel memory via a crafted applic...
CVE-2013-1254
CVE-2013-1254 is a Windows kernel-mode driver (win32k.sys) local privilege-escalation vulnerability. A race condition in win32k.sys allows a local attacker to gain elevated privileges and read arbitrary kernel memory locations. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2...
CVE-2013-1258
CVE-2013-1258 is a race condition in the Windows kernel-mode driver win32k.sys (affecting Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, and Windows 7 SP1). The vulnerability allows local users to gain privileges and read arbitrary kernel memory via a crafted application. Mul...
CVE-2013-1263
CVE-2013-1263 involves a race condition in the Windows kernel‑mode driver win32k.sys that permits local privilege escalation and reading of arbitrary kernel memory. Affected products (per sources) include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 S...
CVE-2013-1266
CVE-2013-1266 is a race-condition vulnerability in the Windows kernel-mode driver win32k.sys that allows local privilege escalation and potential kernel memory disclosure. It affects multiple Windows editions listed in MS13-016 (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows ...
CVE-2013-3197
The CVE-2013-3197 issue affects the NTVDM subsystem in the Windows kernel on 32‑bit Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8. It arises from improper validation of kernel-memory addresses, enabling local privilege escalation...
CVE-2008-2251
CVE-2008-2251 describes a kernel double-free vulnerability in Windows that allows local privilege escalation when a crafted multi-threaded system-call flow mishandles user-supplied data. Affected products include Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1/SP2, Windows Vista (Gold/SP1), and Win...
CVE-2009-1538
The CVE-2009-1538 family affects Microsoft DirectShow (quartz.dll) within DirectX 7.0–9.0c and DirectX/Windows DirectShow on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. A vulnerability exists in pointer validation when updating a QuickTime file, enabling remote code execution if a user ope...
CVE-2009-1922
The CVE-2009-1922 entry concerns Microsoft Windows Message Queuing (MSMQ) Privilege Escalation affecting Windows 2000 SP4, XP SP2, Server 2003 SP2, and Vista. The root cause is improper validation of IOCTL request data in the MSMQ IOCTL handler (mqac.sys) as data moves from user mode to kernel mo...
CVE-2011-0088
CVE-2011-0088 is a Windows kernel‑mode privilege elevation vulnerability in the Win32k.sys driver. The root cause is improper validation of data passed from user mode to kernel mode, enabling a local attacker to execute arbitrary code with kernel privileges. Affected products include Windows XP (...
CVE-2011-1233
The CVE-2011-1233 issue affects Windows kernel (win32k.sys) across multiple OS versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7 Gold/SP1). The vulnerability is a NULL pointer de-reference in win32k.sys that enables local privilege escalation via a craft...
CVE-2012-0148
CVE-2012-0148 affects the Windows Ancillary Function Driver (afd.sys). The vulnerability stems from improper validation of user-mode input before crossing to kernel mode, enabling local privilege escalation. Affected on 64-bit Windows platforms: XP SP2, Server 2003 SP2, Vista SP2, Server 2008 SP2...
CVE-2013-1262
CVE-2013-1262 describes a race condition in the Windows kernel surface, specifically the win32k.sys kernel-mode driver. The vulnerability allows local attackers to gain privileges and read arbitrary kernel memory locations through a crafted application. Affected products include various Windows e...
CVE-2013-3172
CVE-2013-3172 is a Windows kernel-mode driver vulnerability in win32k.sys causing a local denial of service (system hang) via a buffer overflow. Affected products include Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, and Windows 7 SP1. Remediation is via MS13-053 patches...
CVE-2013-3899
The CVE-2013-3899 issue affects Windows kernel-mode drivers, specifically Win32k.sys, on Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability stems from improper address validation in Win32k.sys, enabling a local attacker to escalate privileges via a crafted application and potential...
CVE-2010-0917
CVE-2010-0917 is a distinct VBScript vulnerability causing a stack-based buffer overflow via the MsgBox fourth argument when Internet Explorer is used, affecting VBScript.dll on Windows 2000 SP4, XP SP2/SP3, and Windows Server 2003 SP2. An attacker-user interaction in IE could enable code executi...
CVE-2010-4182
CVE-2010-4182 describes an untrusted search path vulnerability in the Data Access Objects (DAO) library (dao360.dll) where a Trojan horse msjet49.dll in the same folder as a file processed by dao360.dll can lead to DLL hijacking and arbitrary code execution. Affected platforms include Windows XP ...
CVE-2011-0665
The CVE-2011-0665 issue concerns a use-after-free vulnerability in the Windows kernel-mode driver win32k.sys. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2 and R2 SP1, and Windows 7 Gold/SP1. Root cause: incorrect man...
CVE-2011-1232
CVE-2011-1232 affects Windows kernel-Mode drivers (win32k.sys) across XP SP2-SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2/SP1, and Windows 7 Gold/SP1. Root cause: NULL pointer dereference in Win32k subsystem allows a crafted application to escalate privileges from local user to ke...
CVE-2011-1235
CVE-2011-1235 is a Windows kernel–mode driver use‑after‑free vulnerability in the Win32k subsystem (win32k.sys). Documents confirm a local privilege‑escalation vector via crafted applications that exploit incorrect driver object management, affecting multiple XP/Server 2003/Vista/Server 2008/Wind...
CVE-2012-1866
CVE-2012-1866 concerns a local privilege escalation in the Windows kernel-mode drivers, specifically the win32k.sys component. The issue arises from improper handling of user-mode input passed to kernel-mode driver objects, enabling a local attacker to gain elevated privileges via a crafted appli...
CVE-2012-1867
CVE-2012-1867 is a local privilege-escalation flaw in Windows where an integer overflow in win32k.sys (font resource handling) could allow a local attacker to gain SYSTEM-level privileges via a crafted TrueType font. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows V...
CVE-2013-1269
The CVE-2013-1269 entry tracks a race condition in the Windows kernel-mode driver win32k.sys that enables local privilege escalation and arbitrary kernel memory disclosure. Affected products include Microsoft Windows XP (SP2–SP3), Windows Server 2003 (SP2), Windows Vista (SP2), Windows Server 200...
CVE-2010-3144
CVE-2010-3144 concerns an insecure library loading vulnerability in the Internet Connection Signup Wizard (ICSW) affecting Windows XP SP2/SP3 and Windows Server 2003 SP2. The root cause is untrusted search path handling that allows loading a Trojan horse DLL (smmscrpt.dll) from the current direct...
CVE-2011-0675
CVE-2011-0675 is a local privilege-escalation in Windows caused by a use-after-free in win32k.sys (kernel-mode drivers). Affected are Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 (Gold, SP2, R2, R2 SP1), and Windows 7 (Gold/SP1). The root cause is incorrect management of kernel...
CVE-2011-1228
CVE-2011-1228 affects Microsoft Windows kernel-mode driver component win32k.sys. A NULL pointer de-reference in win32k allowed local attackers to gain kernel-level privileges on affected OS versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 SP2/R2, Windows 7 Gold/SP1). The issue is...
CVE-2011-1879
CVE-2011-1879 is a local privilege-escalation in Win32k.sys (kernel-mode driver) caused by incorrect driver object management leading to a use-after-free. Affects Windows XP (SP2, SP3), Server 2003 (SP2), Vista (SP1, SP2), Server 2008 (Gold, SP2, R2, R2 SP1), and Windows 7 (Gold, SP1). Successful...
CVE-2013-1261
CVE-2013-1261 describes a race condition in the win32k.sys kernel‑mode driver that can enable local privilege escalation and allow an attacker to read arbitrary kernel memory. Affected products include various Windows versions listed in the initial document (XP SP2/SP3, Server 2003 SP2, Vista SP2...
CVE-2011-1226
The CVE-2011-1226 issue is a local privilege-escalation vulnerability in Windows kernel-mode driver code (win32k.sys) caused by a NULL pointer de-reference. A crafted local application can trigger this in multiple supported OS versions, including Windows XP (SP2–SP3), Windows Server 2003 (SP2), W...
CVE-2013-1276
CVE-2013-1276 : A race condition in the Windows kernel-mode driver win32k.sys (affecting Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, and Windows 7 SP1) enables a local user to gain privileges and read arbitrary kernel memory via a crafted application. Multiple connected so...
CVE-2013-1265
The CVE-2013-1265 entry describes a race condition in the kernel-mode driver win32k.sys that affects multiple Microsoft Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, and Windows 7 SP1). The underlying flaw allows local attackers to escalate privileges and read arb...
CVE-2013-1268
CVE-2013-1268 is a race-condition flaw in the Windows kernel-mode driver win32k.sys that enables local privilege escalation. A crafted user-space application can trigger the vulnerability to gain privileges and read arbitrary kernel memory. Affected Windows versions include XP SP2/SP3, Server 200...
CVE-2013-3863
CVE-2013-3863 is the Windows OLE Property Vulnerability affecting Windows XP SP2/SP3 and Windows Server 2003 SP2. The issue arises from parsing crafted OLE objects in files, enabling remote code execution without user interaction (contrary to some variants that require a user action, the core des...
CVE-2010-3957
CVE-2010-3957 is a Windows OpenType Font (OTF) driver vulnerability (double-free) affecting Windows XP SP2–SP3, Server 2003 SP2, Vista SP1–SP2, Server 2008 Gold SP2/R2, and Windows 7. The issue resides in the OTF driver’s memory handling while parsing OpenType fonts, enabling local privilege esca...
CVE-2010-0818
The CVE-2010-0818 issue affects the MPEG-4 codec in Windows Media codecs on Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, and Server 2008 Gold/SP2. Root cause: a buffer/handling flaw in the MPEG-4 codec when processing specially crafted media content with MPEG-4 video encoding, allowing rem...