The specific flaw exists within the implementation of the 0x280A IOCTL in the DrawSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to strcpy. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system.
CVE Link
Exploit Type - Old
Exploits/Remote
Exploit Platform
Product Name