Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Microsoft Windows Kernel - 'win32k!vSolidFillRect' Buffer Overflow (MS15-061)

Related Vulnerabilities: CVE-2015-1725  
Publish Date: 22 Sep 2015
Author: Nils Sommer
Source / Download Exploit 
                							

                Source: https://code.google.com/p/google-security-research/issues/detail?id=313

The PoC triggers a pool buffer overflow in win32k!vSolidFillRect. ​When using Special Pool we get the crash immediately on the overwrite. Without Special Pool we often get a crash in the same function, but sometimes it crashes in a different function (similar to another issue, however with a different offset). This might be a result of the memory corruption or an out-of-memory condition before the overflow is triggered. Debugger output for all three different crashes attached.

Proof of Concept:
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/38270.zip

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started