CVE-2019-0959 – Microsoft Windows - 'CmpAddRemoveContainerToCLFSLog' Arbitrary File/Directory Creation
https://notcve.org/view.php?id=CVE-2019-0959
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios cuando el controlador de Common Log File System (CLFS) de Windows maneja inapropiadamente los objetos en la memoria, también se conoce como 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. • https://www.exploit-db.com/exploits/47028 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0959 •
CVE-2019-0708 – Microsoft Remote Desktop Services Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0708
The RDP termdd.sys driver improperly handles binds to internal-only channel MS_T120, allowing a malformed Disconnect Provider Indication message to cause a use-after-free. • https://www.exploit-db.com/exploits/47120 https://www.exploit-db.com/exploits/46946 https://www.exploit-db.com/exploits/47416 https://www.exploit-db.com/exploits/47683 https://github.com/k8gege/CVE-2019-0708 https://github.com/n1xbyte/CVE-2019-0708 https://github.com/victor0013/CVE-2019-0708 https://github.com/cbwang505/CVE-2019-0708-EXP-Windows https://github.com/Leoid/CVE-2019-0708 https://github.com/p0p0p0/CVE-2019-0708-exploit https://github.com/wora • CWE-416: Use After Free •
CVE-2019-0836 – Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-0836
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios cuando Windows maneja incorrectamente las llamadas al controlador LUAFV (luafv.sys), también conocido como ' vulnerabilidad de elevación de privilegios de Windows'. ... On Microsoft Windows, the LUAFV driver has a race condition in the LuafvPostReadWrite callback if delay virtualization has occurred during a read leading to the SECTION_OBJECT_POINTERS value being reset to the underlying file resulting in elevation of privilege. • https://www.exploit-db.com/exploits/46718 http://packetstormsecurity.com/files/152538/Microsoft-Windows-LUAFV-PostLuafvPostReadWrite-SECTION_OBJECT_POINTERS-Race-Condition.html http://www.securityfocus.com/bid/107719 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0836 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2019-0796 – Microsoft Windows 10 1809 - LUAFV LuafvCopyShortName Arbitrary Short Name Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-0796
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios en Windows, debido a que maneja incorrectamente las llamadas al controlador LUAFV (luafv.sys), también conocido como 'vulnerabilidad de elevación de privilegio de Windows'. ... On Microsoft Windows, the LUAFV driver bypasses security checks to copy short names during file virtualization which can be tricked into writing an arbitrary short name leading to elevation of privilege. • https://www.exploit-db.com/exploits/46715 http://packetstormsecurity.com/files/152535/Microsoft-Windows-LUAFV-LuafvCopyShortName-Arbitrary-Short-Name-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0796 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2019-0805 – Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-0805
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios en Windows, debido a que maneja incorrectamente las llamadas al controlador LUAFV (luafv.sys), también conocido como 'vulnerabilidad de elevación de privilegio de Windows'. ... On Microsoft Windows, the LUAFV driver can confuse the cache and memory manager to replace the contents of privileged file leading to elevation of privilege. • https://www.exploit-db.com/exploits/46717 http://packetstormsecurity.com/files/152537/Microsoft-Windows-LUAFV-Delayed-Virtualization-Cache-Manager-Poisoning-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0805 • CWE-345: Insufficient Verification of Data Authenticity •