Beschreibung
Multiple serious vulnerabilities have been found in Microsoft Windows kernel. Malicious users can exploit these vulnerabilities to gain privileges.
Below is a complete list of vulnerabilities:
- An improper check of a buffer length (prior to copying memory to the buffer) can be exploited remotely to gain privileges;
- An incorrect permission enforcement done by Windows Kernel API can be exploited remotely via a specially designed application to gain privileges;
- An improper handling of objects in memory in Windows Transaction Manager can be exploited remotely via a specially designed application to gain privileges;
- An improper handling of registry objects in memory in Windows Kernel API can be exploited remotely via a specially designed application to gain privileges.
Technical details
Vulnerability (1) can be exploited only is malicious user has an access to the target system and have proper permissions to copy a file to a shared drive or folder.
Ursprüngliche Informationshinweise
CVE Liste
- CVE-2017-0102 critical
- CVE-2017-0103 critical
- CVE-2017-0101 critical
- CVE-2017-0050 critical
KB Liste
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!