This exploits sets the command history number in a value greater than 0x7fff. When a new command is sent to "cmd.exe", a CSRSS memory corruption is produced and the CSRSS process control is taken.
CVE Link
Exploit Platform
Exploit Type
Product Name