Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2014-40762

Vulnerability Summary

The tcpip.sys driver fails to sufficiently validate memory objects used during the processing of a user-provided IOCTL. By crafting an input buffer that will be passed to the Tcp device through the NtDeviceIoControlFile() function, it is possible to trigger a vulnerability that would allow an malicious user to elevate privileges. Proof of concept exploit included.

Exploits

Exploit DB: Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation
The tcpipsys driver fails to sufficiently validate memory objects used during the processing of a user-provided IOCTL By crafting an input buffer that will be passed to the Tcp device through the NtDeviceIoControlFile() function, it is possible to trigger a vulnerability that would allow an attacker to elevate privileges Proof of concept exploit ...

References

https://packetstormsecurity.com/files/130159/Microsoft-Windows-Server-2003-SP2-Arbitrary-Write-Privilege-Escalation.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook