CVE-2009-2653

Microsoft Windows XP SP2-SP3 & Server 2003 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-2653. PoCs published by NT Internals.

AI-analyzed exploit summary The provided ExploitDB entry does not contain actual exploit code but instead points to an external download link for the exploit. This is a common tactic used in suspicious repositories to lure researchers into downloading potentially malicious files.

Description

The NtUserConsoleControl function in win32k.sys in Microsoft Windows XP SP2 and SP3, and Server 2003 before SP1, allows local administrators to bypass unspecified "security software" and gain privileges via a crafted call that triggers an overwrite of an arbitrary memory location. NOTE: the vendor disputes the significance of this report, stating that 'the Administrator to SYSTEM "escalation" is not a security boundary we defend.

Exploits (1)

exploitdb SUSPICIOUS VERIFIED

by NT Internals · textlocalwindows

https://www.exploit-db.com/exploits/9301

View Code ZIP pw:eip

The provided ExploitDB entry does not contain actual exploit code but instead points to an external download link for the exploit. This is a common tactic used in suspicious repositories to lure researchers into downloading potentially malicious files.

Classification

Suspicious 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Theoretical

Target: Microsoft Windows XP Service Pack 2 and 3 (win32k.sys <= 5.1.2600.5796)

No auth needed

Prerequisites: Local access to the target system

MITRE ATT&CK