win32k Clipboard Bitmap – Use-After-Free

• Exploit Database
• 22 阅读

• 作者： Nils Sommer
  日期： 2015-12-17
• 类别：

  • dos
  平台：

  • windows_x86
• 来源：https://www.exploit-db.com/exploits/39027/

• Source: https://code.google.com/p/google-security-research/issues/detail?id=533
  
  This PoC triggers a crash on Windows 7 32-bit with Special Pool enabled on win32k.sys. The kernel crashes due to a use-after-free condition with bitmaps in the clipboard.
  ---
  
  Note that multiple PoC executions and simulated system activity may be required to trigger this issue.
  
  
  Proof of Concept:
  https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/39027.zip