Local Privilege Escalation in Windows NT and 2000 Kernel by Microsoft
CVE-2005-2827

Currently unrated

Key Information:

Vendor: Microsoft

CVE Published: 14 December 2005

What is CVE-2005-2827?

A vulnerability exists in the thread termination routine of the Windows NT 4.0 and Windows 2000 kernel (NTOSKRNL.EXE), allowing local users to manipulate kernel memory and execution paths. When a thread is terminated, Asynchronous Procedure Call (APC) entries may improperly free memory, which could be exploited to gain unauthorized access or to execute arbitrary code with elevated privileges. The issue highlights critical security concerns regarding memory management and user access controls within the Windows operating system.

Timeline

  • Vulnerability published

  • Vulnerability reserved
