Lucene search
Abdelhamid NaceriZDI-22-317HistoryFeb 11, 2022 - 12:00 a.m.
Microsoft Windows User Profile Picture Link Following Denial-of-Service Vulnerability
2022-02-1100:00:00
Abdelhamid Naceri
www.zerodayinitiative.com
13
0.001 Low
EPSS
Percentile
25.2%
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the UserTileBroker component. By creating a symbolic link, an attacker can abuse the component to create a file. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
Related
mscve
mscve
Windows User Account Profile Picture Denial of Service Vulnerability
2022-02-08 08:00:00
cve
cve
CVE-2022-22002
2022-02-09 17:15:09
cvelist
cvelist
prion
prion
Denial of service
2022-02-09 17:15:00
nvd
nvd
CVE-2022-22002
2022-02-09 17:15:09
nessus
nessus
KB5010395: Windows 8.1 and Windows Server 2012 R2 Security Update (February 2022)
2022-02-08 00:00:00
KB5010392: Windows Server 2012 Security Update (February 2022)
2022-02-08 00:00:00
mskb
mskb
February 8, 2022âKB5010392 (Monthly Rollup)
2022-02-08 08:00:00
February 8, 2022âKB5010419 (Monthly Rollup)
2022-02-08 08:00:00
February 8, 2022âKB5010395 (Security-only update)
2022-02-08 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5010358)
2022-02-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5010419)
2022-02-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5010359)
2022-02-09 00:00:00
kaspersky
kaspersky
KLA12457 Multiple vulnerabilities in Microsoft Windows
2022-02-08 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - February 2022
2022-02-08 20:43:40