Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities

Last Update Date: 13 Jun 2012 15:27 Release Date: 13 Jun 2012 4164 Views

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

String Atom Class Name Handling Vulnerability
An elevation of privilege vulnerability exists because of the way that Windows kernel-mode drivers manage kernel-mode driver objects. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Clipboard Format Atom Name Handling Vulnerability
An elevation of privilege vulnerability exists because of the way that Windows kernel-mode drivers manage kernel-mode driver objects. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Font Resource Refcount Integer Overflow Vulnerability
An elevation of privilege vulnerability exists because the Windows kernel-mode drivers do not properly allocate memory when handling fonts. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Win32k.sys Race Condition Vulnerability
An elevation of privilege vulnerability exists in the Windows kernel because of the way that the kernel deals with specific thread creation attempts. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.