Lucene search
360VulcanZDI-16-278HistoryMay 10, 2016 - 12:00 a.m.
(Pwn2Own) Microsoft Windows xxxEndDeferWindowPosEx Window Use-After-Free Privilege Escalation Vulnerability
2016-05-1000:00:00
360Vulcan
www.zerodayinitiative.com
41
0.001 Low
EPSS
Percentile
21.1%
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Window objects. The issue lies in the failure to increment a reference counter prior to calling userland code. An attacker can leverage this vulnerability to escalate privileges and execute code within the context of SYSTEM.
Related
mscve
mscve
Win32k Elevation of Privilege Vulnerability
2016-05-10 07:00:00
symantec
symantec
cve
cve
prion
prion
Privilege escalation
2016-05-11 01:59:00
Privilege escalation
2016-05-11 01:59:00
Privilege escalation
2016-05-11 01:59:00
nvd
nvd
cvelist
cvelist
mskb
mskb
openvas
openvas
Microsoft Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3158222)
2016-05-11 00:00:00
nessus
nessus
MS16-062: Security Update for Windows Kernel-Mode Drivers (3158222)
2016-05-10 00:00:00
kaspersky
kaspersky
KLA11914 Multiple vulnerability in Microsoft Products (ESU)
2016-05-10 00:00:00
KLA10801 Multiple vulnerabilities in Microsoft Windows
2016-05-10 00:00:00