Published: 04/04/2007 Updated: 17/10/2018

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 735

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via "invalid application window sizes" in layered application windows, aka the "GDI Invalid Window Size Elevation of Privilege Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows xp
microsoft windows 2000

/* GDI Local Elevation of Privilege Vulnerability Exploit (MS07-017) Coded by Lionel d'Hauenens wwwlabo-assocom Development: ------------ Dev-C++ 4992 Linked with /lib/libgdi32a References: ----------- wwwmicrosoftcom/technet/security/bulletin/MS07-017mspx researcheeyecom/html/alerts/zeroday/20061106html http:/ ...

#define _WIN32_WINNT 0x0500 #include <windowsh> #include <shlwapih> #include <stdioh> #pragma comment (lib, "user32lib") #pragma comment (lib, "gdi32lib") #pragma comment (lib, "shlwapilib") #pragma comment (lib, "ntdlllib") /* Here is a sploit for the GDI MS07-017 Local Privilege Escalation, presented during the last b ...

MS Windows (ANI) GDI Remote Elevation of Privilege Exploit (MS07-017) githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/3804zip (04262007-gdi_remote_elevation_privilege_exploit_ms07_017_principalzip) # milw0rmcom [2007-04-26] ...

NVD-CWE-Other http://www.securityfocus.com/bid/23277 http://www.securitytracker.com/id?1017846 http://www.vupen.com/english/advisories/2007/1215 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1385 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017 http://www.securityfocus.com/archive/1/466186/100/200/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/3755/

CVE-2006-5586

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect