Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CryptoPro CSP through 5.0.0.10004 on 32-bit platforms allows Local Privilege Escalation (by local users with the SeChangeNotifyPrivilege right) because user-mode input is mishandled during process creation. An attacker can write arbitrary data to an arbitrary location in the kernel's address space.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CryptoPro CSP 安全漏洞
Vulnerability Description
CryptoPro CSP是俄罗斯CryptoPro公司的一个加密软件包。该软件包基于windows/linux系统的加密服务,可用来创建加密消息(加密,数字签名),构建和验证证书链,生成密钥以及处理消息和证书等功能。 CryptoPro CSP 5.0.0.10004版本及之前版本存在安全漏洞,该漏洞源于在进程创建期间用户模式输入被错误地处理,攻击者可利用该漏洞可以将任意数据写入内核地址空间中的任意位置。
CVSS Information
N/A
Vulnerability Type
N/A