Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiMarcin WiazowskiZDI-21-1008
HistoryAug 26, 2021 - 12:00 a.m.

Microsoft Windows Canonical Display Driver DrvTextOut Untrusted Pointer Dereference Privilege Escalation Vulnerability

2021-08-2600:00:00
Marcin Wiazowski
www.zerodayinitiative.com
15
microsoft windows
cdd.dll
privilege escalation
untrusted pointer
system

EPSS

0.001

Percentile

32.3%

JSON

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cdd.dll driver. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

Related

prion 1
zdi 19
cnvd 1
nvd 1
cve 1
cvelist 1
mscve 1
mskb 13
nessus 9
openvas 8
kaspersky 2
rapid7blog 1
prion
prion
Privilege escalation
2021-07-14 18:15:00
zdi
zdi
Microsoft Windows Canonical Display Driver DrvStretchBltROPInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability
2021-08-26 00:00:00
Microsoft Windows Canonical Display Driver DrvStrokePath NULL Pointer Dereference Privilege Escalation Vulnerability
2021-08-26 00:00:00
Microsoft Windows Canonical Display Driver DrvPlgBltInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability
2021-08-26 00:00:00
cnvd
cnvd
Microsoft Windows/Windows Server Elevation of Privilege Vulnerability (CNVD-2021-66089)
2021-07-15 00:00:00
nvd
nvd
CVE-2021-34516
2021-07-14 18:15:12
cve
cve
CVE-2021-34516
2021-07-14 18:15:12
cvelist
cvelist
CVE-2021-34516 Win32k Elevation of Privilege Vulnerability
2021-07-14 17:54:31
mscve
mscve
Win32k Elevation of Privilege Vulnerability
2021-07-13 07:00:00
mskb
mskb
July 13, 2021—KB5004299 (Security-only update)
2021-07-13 07:00:00
July 13, 2021—KB5004307 (Security-only update)
2021-07-13 07:00:00
July 13, 2021—KB5004305 (Monthly Rollup)
2021-07-13 07:00:00
nessus
nessus
KB5004305: Windows Server 2008 Security Update (July 2021)
2021-07-13 00:00:00
KB5004307: Windows 7 and Windows Server 2008 R2 Security Update (July 2021)
2021-07-13 00:00:00
KB5004249: Windows 10 1507 LTS Security Update (July 2021)
2021-07-13 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5004305)
2021-07-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5004289)
2021-07-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5004298)
2021-07-14 00:00:00
kaspersky
kaspersky
KLA12226 Multiple vulnerabilities in Microsoft Products (ESU)
2021-07-13 00:00:00
KLA12221 Multiple vulnerabillities in Microsoft Windows
2021-07-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - July 2021
2021-07-13 20:56:26

EPSS

0.001

Percentile

32.3%

JSON
Related for ZDI-21-1008
prion1zdi19cnvd1nvd1cve1cvelist1mscve1mskb13nessus9openvas8kaspersky2rapid7blog1