THREATOPS
THREAT OPSCVEs › CVE-2013-3660

CVE-2013-3660 — Microsoft Win32k Privilege Escalation Vulnerability

CISA KEVExploited: confirmedMicrosoft

The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.

Vulnerability details