Microsoft Windows Kernel - 'NtGdiGetTextExtentExW' Out-of-Bounds Memory Read
| EKU-ID: 43979 | CVE: CVE-2016-0093 | OSVDB-ID: |
| Author: Nils Sommer | Published: 2016-04-01 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 43979 | CVE: CVE-2016-0093 | OSVDB-ID: |
| Author: Nils Sommer | Published: 2016-04-01 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=685 The attached Proof-of-Concept crashes Windows 7 with special pool enabled on win32k.sys. The crash is due accessing memory past the end of a buffer. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/39648.zip