Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.
cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges. This module exploits this vulnerability.
K9 Web Protection's local administration interface is vulnerable to a stack based buffer overflow while processing ''Referer'' HTTP headers. Local attackers could use this vulnerability to escalate privileges.
This module exploits a vulnerability in Avast Antivirus ASWMON.SYS driver when handling a specially crafted IOCTL request. The vulnerability allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters.
This module exploits a vulnerability in the XNU 1228.9.59 and earlier that does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image
This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges.
Agnitum Outpost Security Suite is prone to a privilege-escalation vulnerability that affects the acs.exe service server. Attackers can leverage this issue to execute arbitrary code with elevated privileges in the context of the acs.exe service server process.
tbd. This module allows an agent running in the context of AcroRd32.exe with Low Integrity Level/AppContainer Integrity Level to escalate privileges in order to install a new agent that will run with Medium Integrity Level.
Zoom Player is prone to a stack based buffer overflow when opening specially crafted BMP files. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
ZipWrangler contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in ZipWrangler when handling .ZIP files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .ZIP file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.