Main Vulnerability Database Exploits ID:10552 - Exploit for Integer overflow in Windows and Windows Server - CVE-2024-38144

ID:10552 - Exploit for Integer overflow in Windows and Windows Server - CVE-2024-38144

Published: October 9, 2024

Vulnerability identifier: #VU95851

Vulnerability risk: Medium

CVE-ID: CVE-2024-38144

CWE-ID: CWE-190

Exploitation vector: Remote access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://github.com/Dor00tkit/CVE-2024-38144

Vulnerability description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to integer overflow in Kernel Streaming WOW Thunk Service Driver. A remote user can pass specially crafted data to the application, trigger integer overflow and gain elevated privileges on the target system.

Remediation

Install updates from vendor's website.

ID:10552 - Exploit for Integer overflow in Windows and Windows Server - CVE-2024-38144

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human