CVE-2010-2744
Published: 2010-10-13
Priority: P338 (high)
CVSS 2.0 base score: 7.2 (high), vector AV:L/AC:L/Au:N/C:C/I:C/A:C
Exploit: public exploit referenced (see the Exploit-DB entry in the references)
EPSS: 4.28% (89.9th percentile)
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges by creating a window, then using (1) the SetWindowLongPtr function to modify the popup menu structure, or (2) the SwitchWndProc function with a switch window information pointer, which is not re-initialized when a WM_NCCREATE message is processed, aka "Win32k Window Class Vulnerability."
Related article: Securelist, "The zero-day exploits of Operation WizardOpium" (2020-05-28, CVSS 8.8, HIGH), by Boris Larin and Alexey Kulaev.
Contents: Google Chrome remote code execution exploit; Microsoft Windows elevation of privilege exploit; Conclusions.
Excerpt:
Back in October 2019 we detected a classic watering-hole attack on a North Korea-related news site that exploited a chain of Google Chrome and Microsoft Windows zero-days. While we’ve already published blog posts briefly describing this operation (available here and here), in this blog post we’d like to take a deep technical dive into the exploits and vulnerabilities used in this attack.
## Google Chrome remote code execution exploit
In the original blog post we described the exploit loader responsible for initial validation of the target and execution of the next stage JavaScript code containing the full browser exploit.
References:
- http://mista.nu/blog/2010/12/01/windows-class-handling-gone-wrong/
- http://www.exploit-db.com/exploits/15894
- http://www.us-cert.gov/cas/techalerts/TA10-285A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-073
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12085