Lucene search
Lokihardt@asrtZDI-14-218HistoryJul 09, 2014 - 12:00 a.m.
(Pwn2Own) Microsoft On-Screen Keyboard Privilege Escalation Vulnerability
2014-07-0900:00:00
lokihardt@asrt
www.zerodayinitiative.com
38
0.061 Low
EPSS
Percentile
93.6%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the On-Screen Keyboard. The issue lies in the ability to send input to the On-Screen Keyboard from a low integrity process. An attacker can leverage this vulnerability to elevate privileges and execute code under the context of the On-Screen Keyboard process.
Related
cve
cve
CVE-2014-2781
2014-07-08 22:55:06
nessus
nessus
openvas
openvas
mskb
mskb
cvelist
cvelist
CVE-2014-2781
2014-07-08 22:00:00
nvd
nvd
CVE-2014-2781
2014-07-08 22:55:06
symantec
symantec
prion
prion
Privilege escalation
2014-07-08 22:55:00
kaspersky
kaspersky
KLA10601 Multiple vulnerabilities in Microsoft products
2014-11-11 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2014-07-21 00:00:00