An elevation of privilege vulnerability exists due to the MS KS WOW Thunk kernel module allowing an integer overflow which can lead into a buffer overflow. The vulnerability could allow an attacker to run code with elevated privileges.
CVE Link
Exploit Platform
Product Name