Vigil@nce - Windows: information disclosure via Kernel
May 2015 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can read a memory fragment of the Windows Kernel,
in order to obtain sensitive information to bypass ASLR.
Impacted products: Microsoft Windows 2012, Windows 8, Windows RT
Severity: 1/4
Creation date: 12/05/2015
DESCRIPTION OF THE VULNERABILITY
The Windows kernel uses ASLR in order to randomize memory
addresses used by programs and libraries.
However, an attacker can obtain the base address of cng.sys.
A local attacker can therefore read a memory fragment of the
Windows Kernel, in order to obtain sensitive information to bypass
ASLR.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Windows-information-disclosure-via-Kernel-16893