admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-29 01:31:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2010/CVE-2010-1897.md
0xMarcio 48a00929ac Removed duplicates
2024-06-18 02:51:15 +02:00

21 lines
1.0 KiB
Markdown
Raw Blame History

### [CVE-2010-1897](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1897)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate pseudo-handle values in callback parameters during window creation, which allows local users to gain privileges via a crafted application, aka "Win32k Window Creation Vulnerability."
### POC
#### Reference
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-048
#### Github
- https://github.com/Ascotbe/Kernelhub
- https://github.com/Cruxer8Mech/Idk
- https://github.com/lyshark/Windows-exploits
- https://github.com/ycdxsb/WindowsPrivilegeEscalation
Reference in New Issue View Git Blame Copy Permalink