header-logo
Suggest Exploit
vendor:
Windows 7
by:
Project Zero
7,8
CVSS
HIGH
Use-After-Free
416
CWE
Product Name: Windows 7
Affected Version From: Windows 7
Affected Version To: Windows 7
Patch Exists: YES
Related CWE: N/A
CPE: o:microsoft:windows_7
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2015

Blue Screen on Windows 7 with Special Pool Enabled on win32k.sys

The attached PoC triggers a blue screen on Windows 7 with special pool enabled on win32k.sys. A reference to the bitmap object still exists in the device context after it has been deleted.

Mitigation:

Enabling special pool on win32k.sys should be avoided.
Source

Exploit-DB raw data:

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=746

The attached PoC triggers a blue screen on Windows 7 with special pool enabled on win32k.sys . A reference to the bitmap object still exists in the device context after it has been deleted.


Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/39959.zip

Navigation

Suggest Exploit

Services By CQR