PT-2018-17975 · Microsoft · Windows

Elvin9

Publicado

2018-02-26

Atualizado

2018-03-22

CVE-2018-7249

CVSS v2.0

6.9

Média

Vetor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to KB3086255

Description An issue was discovered that can cause a race condition leading to a use-after-free, allowing an unprivileged attacker to run arbitrary code in the kernel. This is achieved through two carefully timed calls to IOCTL 0xCA002813.

Recommendations For Microsoft Windows versions prior to KB3086255, apply the update KB3086255 to resolve the issue.

Exploit

Correção

Race Condition

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362CWE-416

Identificadores relacionados

CVE-2018-7249

Produtos afetados

Windows

PT-2018-17975 · Microsoft · Windows

CVE-2018-7249

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3