Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a denial of service (memory corruption and crash) and gain privileges by modifying the kernel structures.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows GDI内核本地权限提升漏洞(MS07-017)
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。 Windows XP及更早版本的WIN32K.SYS中存在特权句柄泄露漏洞,允许非特权用户以内核权限执行任意指令。 如果创建了新进程的话,WIN32K.SYS!GdiProcessCallout会通过ObOpenObjectByPointer以SECTION_ALL_ACCESS权限在新进程中为gpHmgrSharedHandleSection创建句柄。这个句柄用于将共享中的只读部分映射到进程的内存,但没有关闭,
CVSS Information
N/A
Vulnerability Type
N/A