An elevation of privilege vulnerability exists due to the MS KS WOW Thunk kernel module allowing untrusted pointer dereference. The vulnerability could allow an attacker to run code with elevated privileges.
CVE Link
Exploit Platform
Product Name