Prior to NT Service Pack 2, some Win32K functions incorrectly validate input parameters. An attacker could write an application that passes malformed parameters to a Win32K function, which may result in a critical system failure. Exploitation would require that the attacker be able to cause the application to be executed on a vulnerable system. Reportedly, this could also be exploited through an ActiveX control residing on a maliciously constructed website.