Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14946
HistoryNov 06, 2006 - 12:00 a.m.

[SA22668] Microsoft Windows GDI Kernel Structures Handling Vulnerability

2006-11-0600:00:00
vulners.com
29
JSON

TITLE:
Microsoft Windows GDI Kernel Structures Handling Vulnerability

SECUNIA ADVISORY ID:
SA22668

VERIFY ADVISORY:
http://secunia.com/advisories/22668/

CRITICAL:
Less critical

IMPACT:
Privilege escalation, DoS

WHERE:
Local system

OPERATING SYSTEM:
Microsoft Windows 2000 Advanced Server
http://secunia.com/product/21/
Microsoft Windows 2000 Datacenter Server
http://secunia.com/product/1177/
Microsoft Windows 2000 Professional
http://secunia.com/product/1/
Microsoft Windows 2000 Server
http://secunia.com/product/20/
Microsoft Windows XP Home Edition
http://secunia.com/product/16/
Microsoft Windows XP Professional
http://secunia.com/product/22/

DESCRIPTION:
Cesar Cerrudo has reported a vulnerability in Microsoft Windows,
which can be exploited by malicious, local users to cause a DoS
(Denial of Service) and potentially gain escalated privileges.

The vulnerability is caused due to an error within the handling of
GDI kernel structures allowing the created global shared memory
section, which is mapped with read-only permissions, to be re-mapped
with read-write permissions. This can be exploited to corrupt memory
by overwriting the data structures with arbitrary data.

The vulnerability is reported in Windows 2000 and Windows XP.
Microsoft Windows 2003 Server is reportedly not affected.

SOLUTION:
Grant only trusted users access to affected systems.

PROVIDED AND/OR DISCOVERED BY:
Cesar Cerrudo, Argeniss.

ORIGINAL ADVISORY:
http://projects.info-pull.com/mokb/MOKB-06-11-2006.html

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

JSON