bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/windows/dos/39647.txt
Offensive Security 6290e0021e DB: 2016-04-02 
8 new exploits

Microsoft Windows 2000/XP - (RPC DCOM) Remote Exploit
Microsoft Windows 2000/XP - (RPC DCOM) Remote Exploit (MS03-026)

Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation Vulnerability (KiTrap0D)
Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation Vulnerability (KiTrap0D) (MS10-015)
PHP <= 7.0.4/5.5.33 - SNMP Format String Exploit
Windows Kernel - Bitmap Use-After-Free
Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read
Adobe Flash - URLStream.readObject Use-After-Free
Adobe Flash - TextField.maxChars Use-After-Free
Android - ih264d_process_intra_mb Memory Corruption
Adobe Flash - Color.setTransform Use-After-Free
PHP 5.5.33 - Invalid Memory Write
2016-04-02 05:02:51 +00:00

8 lines
367 B
Text
Executable file
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=686
The attached Proof-of-Concept crashes Windows 7 with special pool enabled on win32k.sys. The crashes are triggering in multiple different ways (two examples attached).
Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39647.zip
Reference in a new issue View git blame Copy permalink