1 file changed, +37 -0 lines changed
1+ # CVE-2016 -3309: Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability
2+
3+ ## Description
4+
5+ ** Author:** SensePost
6+
7+ ** CVE:** CVE-2016 -3309
8+
9+ ** EDB-ID:**
10+
11+ ** Microsoft Security Bulletin:** MS16-098
12+
13+ ** References:** [ Sensepost] ( https://sensepost.com/blog/2017/exploiting-ms16-098-rgnobj-integer-overflow-on-windows-8.1-x64-bit-by-abusing-gdi-objects/ ) [ Sensepost] ( https://github.com/sensepost/ms16-098 ) [ Microsoft] ( https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3309 )
14+
15+ ** Video:** [ Youtube] ( https://youtu.be/_KPf311WNgc )
16+
17+
18+ ## Affected Products
19+
20+ | Product | Version | Update | Build | Tested |
21+ | :---------------------- | :------ | :----- | :---- | ------ |
22+ | Windows 10 x64 | 1511 | | | |
23+ | Windows 10 x64 | 1607 | | | |
24+ | Windows 8.1 x64 | | | | √ |
25+ | Windows 7 x64 | | SP1 | | |
26+ | Windows Vista | | | | |
27+ | Windows Server 2008 x64 | | SP2 | | |
28+ | Windows Server 2008 x64 | R2 | SP1 | | |
29+ | Windows Server 2012 x64 | | | | |
30+ | Windows Server 2012 x64 | R2 | | | |
31+
32+ ## Exploits
33+
34+
35+ ** x64:** [ Download] ( https://github.com/WindowsExploits/Exploits/raw/master/CVE-2016-3309/Binaries/bfill.exe )
36+
37+ SHA256: 3c32c24c985455f1d4128a24ebc59ec7eb3158bfc9f2b81178a80f07d1ce0a1e
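Review bot: The x64 entry at lines 35-37 links a prebuilt bfill.exe and publishes its SHA256 in the same README, so the hash only detects a corrupted download; anyone able to replace the binary in this repository can replace the hash alongside it. Consider stating how the binary was produced (the source commit in the referenced sensepost/ms16-098 repository and the toolchain used) so the hash can be checked against an independent build. Separately, the EDB-ID field at line 9 is empty and should be filled in or dropped. The Affected Products table marks only Windows 8.1 x64 as tested, leaves every Build cell blank and lists Windows Vista without an architecture; a sentence saying what the untested rows are based on would keep readers from assuming the binary was verified on them.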