header-logo
Suggest Exploit
vendor:
Windows 7
by:
Google Security Research
9,3
CVSS
HIGH
Pool Buffer Overflow
119
CWE
Product Name: Windows 7
Affected Version From: Windows 7 32-bit
Affected Version To: Windows 7 32-bit
Patch Exists: YES
Related CWE: CVE-2015-1701
CPE: o:microsoft:windows_7::-:32-bit
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2015

Pool Buffer Overflow

A pool buffer overflow vulnerability exists in Windows 7 32-bit due to a flaw in an ioctl handler. This vulnerability can be exploited by sending a specially crafted request to the vulnerable system. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the kernel.

Mitigation:

Microsoft has released a patch to address this vulnerability.
Source

Exploit-DB raw data:

Source: https://code.google.com/p/google-security-research/issues/detail?id=516

The attached testcase crashes Windows 7 32-bit due to a pool buffer overflow in an ioctl handler. Enabling special on ndis.sys netio.sys and ntoskrnl helps to track down the issue, however it will crashes due to a bad pool header without special pool as well.
---

Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38793.zip

Navigation

Suggest Exploit

Services By CQR