Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows security vulnerabilities
Published:15.01.2014
Source:
SecurityVulns ID:13526
Type:library
Threat Level:
6/10
Description:Privilege escalations via NDProxy and win32k.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2014-0262 (win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Server 2008 R2 SP1 does not properly consider thread-owned objects during the processing of window handles, which allows local users to gain privileges via a crafted application, aka "Win32k Window Handle Vulnerability.")
 CVE-2013-5065 (NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013.)
Files:Microsoft Security Bulletin MS14-002 - Important Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2914368)
 Microsoft Security Bulletin MS14-003 - Important Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2913602)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod