The vulnerability exists due to a boundary error within the Windows DWMCORE library. A local user can trigger a heap-based buffer overflow and execute arbitrary code with the DWM user with Integrity System privileges.
This update adds reliability improvements to check if the target is vulnerable.
The Client Side Caching Driver (csc.sys) present in Microsoft Windows is vulnerable to a memory corruption, which can result in arbitrary memory write. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges.
An authorized attacker with regular user privileges may be able to inject a malicious file and then convince a user to execute a UWP application.An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
The Cloud Files Mini Filter Driver (cldflt.sys) present in Microsoft Windows is vulnerable to a buffer overflow, which can result in out-of-bounds memory write to paged pool memory. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges.
Fortra's Robot Schedule Enterprise Agent for Windows prior to version 3.04 is susceptible to privilege escalation. A low-privileged user can overwrite the service executable. When the service is restarted, the replaced binary runs with local system privileges, allowing a low-privileged user to gain elevated privileges.
This vulnerability allows local attackers to execute arbitrary code on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the n_gsm driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.
The specific flaw exists within the n_gsm driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
This update contains a minor fix in the exploit time out.
This update contains a minor fix in the exploit time out.
The Ancillary Function Driver (AFD.sys) present in Microsoft Windows is vulnerable to a double-fetch that causes an integer overflow, which can result in out-of-bounds memory write to non-paged pool memory. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by calling to the WSASendMsg function with crafted parameters.
An improper privilege management vulnerability in IBM Performance Tools for i allows authenticated local attackers with command line access to gain all object access to the host operating system. The vulnerability can be exploited by abusing the QPFR/QAVCPP program.