Microsoft Windows TCP/IP Stack Privilege Escalation Vulnerabilities
The information has been provided by Matt Bergin of KoreLogic Security .
* Microsoft Windows Server 2003 SP2
Microsoft Windows TCP/IP stack (tcpip.sys and tcpip6.sys) could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper handling of objects in memory. By running a specially crafted application, an authenticated attacker could exploit this vulnerability to run arbitrary code in the context of another process and potentially take complete control over the system.
Original release date: 11/11/2014
Last revised: 11/12/2014