iveresk / cve-2022-21907-http.sys Goto Github PK
View Code? Open in Web Editor NEWAn unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request header triggering a double free in the unknown coding-list inside the HTTP Protocol Stack (http.sys) to process packets, resulting in a kernel crash.
License: MIT License