header-logo
Suggest Exploit
vendor:
Windows 7/ Server 2008
by:
ze0r
7.8
CVSS
HIGH
Local Privilege Escalation
264
CWE
Product Name: Windows 7/ Server 2008
Affected Version From: Microsoft Windows 7/ Server 2008
Affected Version To: Microsoft Windows 7/ Server 2008
Patch Exists: YES
Related CWE: CVE-2019-0808
CPE: o:microsoft:windows_7::sp1
Metasploit: https://www.rapid7.com/db/vulnerabilities/msft-cve-2019-0808/
Other Scripts: N/A
Platforms Tested: Windows
2019

Microsoft Windows Win32k CVE-2019-0808 Local Privilege Escalation Vulnerability

A local privilege escalation vulnerability exists in Microsoft Windows Win32k when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

Mitigation:

Microsoft has released a security update to address this vulnerability. Users should apply the update as soon as possible.
Source

Exploit-DB raw data:

# Exploit Title: Microsoft Windows Win32k CVE-2019-0808 Local Privilege Escalation Vulnerability
# Date: 24/03/2019
# Exploit Author: ze0r
# Vendor Homepage: www.microsoft.com
# Version: Microsoft Windows 7/ Server 2008
# CVE : CVE-2019-0808


https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46604.zip

Navigation

Suggest Exploit

Services By CQR