Lucene search
360VulcanZDI-16-279HistoryMay 10, 2016 - 12:00 a.m.
(Pwn2Own) Microsoft Windows win32kfull.sys Surface Object Use-After-Free Privilege Escalation Vulnerability
2016-05-1000:00:00
360Vulcan
www.zerodayinitiative.com
29
0.0005 Low
EPSS
Percentile
19.2%
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how win32kfull.sys handles reference counting of Surface objects. An attacker can leverage this vulnerability to escalate privileges and execute code with kernel privileges.
Related
mscve
mscve
Win32k Elevation of Privilege Vulnerability
2016-05-10 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Win32k Elevation of Privilege (MS16-062: CVE-2016-0173)
2016-05-10 00:00:00
zdt
zdt
Microsoft Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (2)
2016-06-15 00:00:00
symantec
symantec
cve
cve
cvelist
cvelist
prion
prion
Privilege escalation
2016-05-11 01:59:00
Privilege escalation
2016-05-11 01:59:00
Privilege escalation
2016-05-11 01:59:00
nvd
nvd
mskb
mskb
openvas
openvas
Microsoft Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3158222)
2016-05-11 00:00:00
nessus
nessus
MS16-062: Security Update for Windows Kernel-Mode Drivers (3158222)
2016-05-10 00:00:00
kaspersky
kaspersky
KLA10801 Multiple vulnerabilities in Microsoft Windows
2016-05-10 00:00:00
KLA11914 Multiple vulnerability in Microsoft Products (ESU)
2016-05-10 00:00:00