Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities( 11 November 2009 )

1. Win32k NULL Pointer Dereferencing Vulnerability

An elevation of privilege vulnerability exists because the Windows kernel does not properly validate an argument passed to a Windows kernel system call. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

2. Win32k Insufficient Data Validation Vulnerability

An elevation of privilege vulnerability exists in Windows kernel-mode drivers due to improper validation of input passed from user mode through the kernel component of GDI. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

3.Win32k EOT Parsing Vulnerability

A remote code execution vulnerability exists in the Windows kernel-mode drivers due to the improper parsing of font code when building a table of directory entries. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.