Main Vulnerability Database Exploits ID:4972 - Exploit for Buffer overflow in Windows and Windows Server - CVE-2020-17008

ID:4972 - Exploit for Buffer overflow in Windows and Windows Server - CVE-2020-17008

Published: December 28, 2020

Vulnerability identifier: #VU49142

Vulnerability risk: Low

CVE-ID: CVE-2020-17008

CWE-ID: CWE-119

Exploitation vector: Local access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://github.com/jas502n/CVE-2020-17008

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the user-mode printer driver host process splwow64.exe within the Windows kernel. A local user can run a specially crafted program to trigger untrusted pointer dereference and execute arbitrary code on the system with elevated privileges.

Note, this vulnerability exists due to incomplete patch for vulnerability #VU28018.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:4972 - Exploit for Buffer overflow in Windows and Windows Server - CVE-2020-17008

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human