CVE-2009-2653 Information
Description
LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks The NtUserConsoleControl function in win32k.sys in Microsoft Windows XP SP2 and SP3 and Server 2003 before SP1 allows local administrators to bypass unspecified \security software\ and gain privileges via a crafted call that triggers an overwrite of an arbitrary memory location. NOTE: the vendor disputes the significance of this report stating that ’the Administrator to SYSTEM \escalation\ is not a security boundary we defend.'
Reference
http://blogs.technet.com/srd/archive/2009/06/11/latest-baidu-public-posting-requires-adminisrator-to-elevate.aspx http://hi.baidu.com/azy0922/blog/item/f950cbc2890729130ef47783.html http://osvdb.org/56780 http://securitytracker.com/id?1022630 http://www.exploit-db.com/exploits/9301 http://www.ntinternals.org/index.html09_07_30
Share on: