- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 38794
- Проверка EDB
-
- Пройдено
- Автор
- NILS SOMMER
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2015-6102
- Дата публикации
- 2015-11-23
Microsoft Windows - Cursor Object Memory Leak (MS15-115)
Код:
Source: https://code.google.com/p/google-security-research/issues/detail?id=510
The attached poc crashes 32-bit Windows 7 with a screen resolution of 1024x768 and 32bit color depth. The crash occurs during a memmove opperation while copying the cursor content from unmapped memory. This could potentially be used by an attacker to leak kernel memory.
When reproducing this issue in VMWare, it is necessary to remove VMWare tools. In QEMU the issue reproduces reliably.
---
Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38794.zip- Источник
- www.exploit-db.com
