Kernel Memory Modification and Execution Flow Manipulation in Windows NT 4.0 and 2000
CVE-2005-2827 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows Kernel Vulnerability."
Learn more about our User Device Pen Test.