CNVD-2019-10041 — Vulnetix

CNVD-2019-10041 PUBLISHED CVSS 7.800000190734863 HIGH

Windows是美国微软公司研发的一套操作系统，Windows采用了图形化模式GUI。 Microsoft Windows存在权限提升漏洞。该漏洞源于Win32k组件未能正确处理内存中的对象。攻击者可利用该漏洞在内核模式下运行任意代码，从而可安装程序，查看、更改或删除数据，或创建具有完全用户权限的新帐户。

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Microsoft	Windows Server	2008 R2 for x64-based Systems Service Pack 1 (Core installation), 2008 R2 for Itanium-Based Systems Service Pack 1, 2008 R2 for x64-based Systems Service Pack 1
Microsoft	Windows	, 7 for x64-based Systems Service Pack 1,

Timeline

May 23, 2014 PoC Published
Apr 9, 2019 CVE Published
Apr 10, 2019 PoC Published
Jul 18, 2019 PoC Published
Jan 21, 2020 PoC Published
Jun 26, 2020 PoC Published
Aug 17, 2020 PoC Published
Sep 17, 2020 PoC Published
Oct 3, 2020 PoC Published
Oct 9, 2020 PoC Published
Oct 20, 2020 PoC Published
Oct 20, 2020 PoC Published

References

Open in Interactive Console →