PT-2023-5141 · Microsoft · Windows

Marcin Wiazowski

Publicado

2023-06-07

Atualizado

2024-05-29

CVE-2023-36804

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Windows (affected versions not specified)

Description The issue is related to a use-after-free vulnerability in the Windows GDI component, specifically affecting the win32kfull driver. This vulnerability can be exploited to elevate privileges. The vulnerability is associated with the improper use of memory after it has been freed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

BDU:2023-05732

CVE-2023-36804

ZDI-23-1406

ZDI-23-1407

ZDI-23-1408

ZDI-23-1409

ZDI-23-1410

ZDI-23-1534

ZDI-23-1535

ZDI-23-1587

ZDI-23-1642

ZDI-23-1643

ZDI-23-1644

ZDI-23-1645

ZDI-23-1792

Produtos afetados

Windows

PT-2023-5141 · Microsoft · Windows

CVE-2023-36804

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 23