Vulnerability: Local Privilege Escalation via CreateRemoteThread Function in Microsoft Windows XP, 2000, and 2003

Vulnerability: Local Privilege Escalation via CreateRemoteThread Function in Microsoft Windows XP, 2000, and 2003

CVE-2005-3981 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

NOTE: this issue has been disputed by third parties. Microsoft Windows XP, 2000, and 2003 allows local users to kill a writable process by using the CreateRemoteThread function with certain arguments on a process that has been opened using the OpenProcess function, possibly involving an invalid address for the start routine. NOTE: followup posts have disputed this issue, saying that if a user already has privileges to write to a process, then other functions could be called or the process could be terminated using PROCESS_TERMINATE

Learn more about our User Device Pen Test.