漏洞标题
Win32k权限提升漏洞
漏洞描述信息
Win32k权限提升漏洞
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Win32k Elevation of Privilege Vulnerability
漏洞描述信息
<p>An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>
<p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.</p>
<p>The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.</p>
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Microsoft Windows 内核模式驱动程序授权问题漏洞
漏洞描述信息
Microsoft Windows是美国微软(Microsoft)公司的一种桌面操作系统。 Windows 内核模式驱动程序存在授权问题漏洞。该漏洞允许攻击者可以在内核模式中运行任意代码。以下产品及版本受到影响: Windows 10 1909版本, Windows 10 1709版本, Windows Server 1909版本, Windows Server 2004版本, Windows Server 1903版本, Windows 10 2004版本, Windows 10 1809版本, Win
CVSS信息
N/A
漏洞类别
授权问题