CVE-2016-0040

Published: 10/02/2016 Updated: 12/10/2018
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 726
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."

Vulnerable Product

microsoft windows 7 -

microsoft windows vista -

microsoft windows server 2008 r2

microsoft windows server 2008 -

Exploits

##
# This module requires Metasploit: metasploit.com/download
# Current source: github.com/rapid7/metasploit-framework
##
require 'msf/core/post/windows/reflective_dll_injection'
class MetasploitModule < Msf::Exploit::Local
  Rank = NormalRanking
  include Msf::Post::File
  include Msf::Post::Windows::Priv
  include Msf::Post::W ...
This Metasploit module exploits an uninitialized stack variable in the WMI subsystem of ntoskrnl. This Metasploit module has been tested on vulnerable builds of Windows 7 SP0 x64 and Windows 7 SP1 x64 ...

Github Repositories

https://github.com/wcventure/FuzzingPaper

Recent Papers Related To Fuzzing. Remark: This website is only used for collecting and grouping the related papers. If any papers need to be updated, you can contribute a PR. Main Repo: github.com/wcventure/FuzzingPaper Mirrors: gitcode.net/mirrors/wcventure/FuzzingPaper All Papers (Classification according to Publication) Survey/Review Fuzzing: Challen

Exploiting CVE-2016-0040 uninitialized pointer

cve-2016-0040: PoC for CVE-2016-0040, bug found and exploited by Meysam Firozi @R00tkitSmm. This PoC helps write arbitrary data to an arbitrary address in the Windows kernel. For more info see my blog: ioctl.ir/index.php/2016/02/13/cve-2016-0040-story-of-uninitialized-pointer/

Recent Fuzzing Paper

Recent Papers Related To Fuzzing. This website is only used for collecting and grouping the related papers. If any papers need to be updated, you can contribute a PR. Please check the web wcventure.github.io/FuzzingPaper/, as the md file shown in GitHub is cropped. Advertisement: Our ICTT (Guangzhou) research group is accepting applications for master’s, do

CVE-2016-0040 Privilege Escalation Exploit For WMI Receive Notification Vulnerability (x86-64)

CVE-2016-0040: This exploit builds upon SMMRootkit's 32-bit project (github.com/Rootkitsmm/cve-2016-0040), which causes this vulnerability to trigger a BSoD with all 'a's in RCX and 'B's in RAX. It was ported to 64-bit Windows 7 SP1 and doesn't use the "mov [rcx+06h], rax" instruction for initial stage exploitation but instead the "