Lucene search
Bee13oy of CloverSec LabsZDI-16-592HistoryNov 08, 2016 - 12:00 a.m.
Microsoft Windows win32k.sys Bitmap Null Pointer Dereference Privilege Escalation Vulnerability
2016-11-0800:00:00
bee13oy of CloverSec Labs
www.zerodayinitiative.com
22
0.001 Low
EPSS
Percentile
21.3%
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of bitmap objects. By performing a certain sequence of calls to win32k.sys, an attacker can cause the kernel to make use of a null pointer. An attacker can leverage this vulnerability to escalate privilege to SYSTEM.
Related
prion
prion
Privilege escalation
2016-11-10 06:59:00
nvd
nvd
CVE-2016-7215
2016-11-10 06:59:28
cve
cve
CVE-2016-7215
2016-11-10 06:59:28
cvelist
cvelist
CVE-2016-7215
2016-11-10 06:16:00
mscve
mscve
Win32k Elevation of Privilege Vulnerability
2016-11-08 08:00:00
symantec
symantec
checkpoint_advisories
checkpoint_advisories
Microsoft Win32k Elevation of Privilege (MS16-135: CVE-2016-7215)
2016-11-08 00:00:00
mskb
mskb
nessus
nessus
MS16-135: Security Update for Windows Kernel-Mode Drivers (3199135)
2016-11-08 00:00:00
openvas
openvas
Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (3199135)
2016-11-09 00:00:00
threatpost
threatpost
Microsoft Patches Zero Day Disclosed by Google
2016-11-08 14:57:26
kaspersky
kaspersky
KLA11832 Multiple vulnerabilities in Microsoft Products (ESU)
2016-11-08 00:00:00
KLA10897 Multiple vulnerabilities in Microsoft Windows
2016-11-08 00:00:00