Lucene search
Anch0vy@theori, kkokkokye@theoriZDI-20-259HistoryFeb 20, 2020 - 12:00 a.m.
Microsoft Windows NtUserResolveDesktopForWOW Heap-based Buffer Overflow Privilege Escalation Vulnerability
2020-02-2000:00:00
anch0vy@theori, kkokkokye@theori
www.zerodayinitiative.com
13
0.0005 Low
EPSS
Percentile
19.0%
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the function NtUserResolveDesktopForWOW. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM.
Related
mscve
mscve
Windows Graphics Component Elevation of Privilege Vulnerability
2020-02-11 08:00:00
nvd
nvd
prion
prion
Privilege escalation
2020-02-11 22:15:00
Privilege escalation
2020-02-11 22:15:00
Privilege escalation
2020-02-11 22:15:00
cve
cve
cvelist
cvelist
kaspersky
kaspersky
KLA11662 Multiple vulnerabilities in Microsoft Windows
2020-02-11 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4532693)
2020-02-12 00:00:00
nessus
nessus
mskb
mskb
February 11, 2020âKB4532693 (OS Builds 18362.657 and 18363.657) - EXPIRED
2020-02-11 08:00:00