This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk.



This update adds support to Windows 2003, Windows 2008 and Windows Vista

This module exploits a vulnerability in the Linux kernel. The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.

This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk.



This update adds support to Microsoft Windows 8.

This module exploits a vulnerability in FreeBSD.



The FreeBSD virtual memory system allows files to be memory-mapped. All or parts of a file can be made available to a process via its address space.



The process can then access the file using memory operations rather than filesystem I/O calls. Due to insufficient permission checks in the virtual memory system, a tracing process (such as a debugger) may be able to modify portions of the traced process's address space to which the traced process itself does not have write access.

This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk.

This module exploits a vulnerability in Windows kernel calling to "DisplayConfigGetDeviceInfo" function with crafted parameters.

This module exploits a Windows kernel vulnerability calling to "NtGdiScaleViewportExtEx" function by using crafted parameters.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

This module exploits a vulnerability in Windows kernel (win32k.sys) when a crafted TTF font is open.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs

or have limited functionality and may not have complete or accurate documentation.

An elevation of privilege vulnerability exists when the Windows kernel improperly handles window broadcast messages. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

The setuid-set ViscosityHelper binary insecurely executes certain scripts and can be exploited to gain escalated privileges via symlink attacks.