CVE-2019-0808

Related Files

Microsoft Windows NtUserMNDragOver Local Privilege Escalation

Posted May 8, 2020

Authored by Clement LECIGNE, timwr, Grant Willcox | Site metasploit.com

This Metasploit module exploits a NULL pointer dereference vulnerability in MNGetpItemFromIndex(), which is reachable via a NtUserMNDragOver() system call. The NULL pointer dereference occurs because the xxxMNFindWindowFromPoint() function does not effectively check the validity of the tagPOPUPMENU objects it processes before passing them on to MNGetpItemFromIndex(), where the NULL pointer dereference will occur. This module has been tested against Windows 7 x86 SP0 and SP1. Offsets within the solution may need to be adjusted to work with other versions of Windows, such as Windows Server 2008.

tags | exploit, x86

systems | windows

advisories | CVE-2019-0808

SHA-256 | fb3cf21123b0e2fbb662a608751638e9471714e3f0e34de79dd880b595ae013c

Download | Favorite | View

Microsoft Windows Win32k CVE-2019-0808 Local Privilege Escalation

Posted Mar 27, 2019

Authored by ze0r

Microsoft Windows Win32k local privilege escalation proof of concept exploit.

tags | exploit, local, proof of concept

systems | windows

advisories | CVE-2019-0808

SHA-256 | 6774a9c3a588e5f20f4f14249b0356b8a13d70a8848eed507eb39dba135af5d3

Download | Favorite | View

Root Cause Of The CVE-2019-0808 Kernel Privilege Escalation

Posted Mar 14, 2019

Authored by 360 Core Security | Site blogs.360.cn

This is a write up detailing the root cause of the kernel privilege escalation vulnerabilities Microsoft patched on March 12, 2019.

tags | exploit, kernel, root, vulnerability

advisories | CVE-2019-0808

SHA-256 | 21972ee2969bde7c0fb73197ec2ceda1ff103835f938cd09ebaad29569f4f82a

Download | Favorite | View