[] NeoSense
E X P L O I T S
title author type platform port cve id

Microsoft Windows Kernel - 'UserCommitDesktopMemory' Use-After-Free (MS15-073)

Author: Nils Sommer
type: dos
platform: windows_x86
port: 
date_added: 2015-09-22 
date_updated: 2015-09-22 
verified: 1 
codes: CVE-2015-2365;OSVDB-124588;MS15-073 
tags: 
aliases:  
screenshot_url:  
application_url: 
Source: https://code.google.com/p/google-security-research/issues/detail?id=335

Freed memory is accessed after switching between two desktops of which one is closed. The testcase crashes with and without special pool enabled. The attached crash output is with special enabled on win32k.sys and ntoskrnl.sys.

Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38267.zip
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.