This module exploits a vulnerability in Microsoft Hyper-V by sending a crafted packet from the guest OS to the host OS through the VMBus mechanism.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

This module exploits a privilege escalation vulnerability in the tmtdi.sys driver of the Trend Micro Titanium Maximum Security and OfficeScan products. The vulnerable driver trusts a DWORD passed from user mode via IOCTL 0x220404 and interprets it as a function pointer without performing any validation. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges.



This update adds support for the Trend Micro OfficeScan product, as well as support for Windows Server 2003 and Windows Server 2008 platforms.
The read-only flag is not correctly copied when an mbuf buffer reference is duplicated. When the sendfile system call is used to transmit data over the loopback interface, this can result in the backing pages for the transmitted file being modified, causing data corruption.

This data corruption can be exploited by a local attacker to escalate their privileges by carefully controlling the corruption of system files. It should be noted that the attacker can corrupt any file they have read access to.



This module exploits a privilege escalation vulnerability in Microsoft Windows by setting a specially crafted SystemDefaultEUDCFont value in the HKEY_CURRENT_USER\EUDC Registry key, and then calling the EnableEUDC() function in the GDI32 library. It enables local unprivileged users to gain SYSTEM privileges.



This update adds support for Windows Vista and Windows Server 2008.
This module exploits a privilege escalation vulnerability in Microsoft Windows by setting a specially crafted SystemDefaultEUDCFont value in the HKEY_CURRENT_USER\EUDC Registry key, and then calling the EnableEUDC() function in the GDI32 library. It enables local unprivileged users to gain SYSTEM privileges.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.