Vigil@nce - Windows: privilege escalation via CSRSS
April 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can trigger a memory corruption in CSRSS of Windows,
in order to trigger a denial of service, and possibly to execute
code.
Impacted products: Windows 2003, Windows 2008, Windows Vista,
Windows XP
Severity: 2/4
Creation date: 09/04/2013
DESCRIPTION OF THE VULNERABILITY
The CSRSS (Client/Server Run-time Subsystem) subsystem manages
user consoles and processes.
An attacker can trigger a memory corruption in CSRSS of Windows,
in order to trigger a denial of service, and possibly to execute
code.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Windows-privilege-escalation-via-CSRSS-12638