Lucene search

[email protected]CVE-2011-0673

HistoryApr 13, 2011 - 8:26 p.m.

CVE-2011-0673

2011-04-1320:26:24

[email protected]

web.nvd.nist.gov

cve-2011-0673

win32k.sys

kernel-mode drivers

microsoft windows

xp sp3

local users

privilege escalation

null pointer dereference

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka “Win32k Null Pointer De-reference Vulnerability.”

Affected configurations

NVD

Node

microsoftwindows_xpsp3

CPENameOperatorVersion
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_xp	microsoft windows xp	eq	*

References

blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx

secunia.com/advisories/44156

support.avaya.com/css/P8/documents/100133352

www.securityfocus.com/bid/47234

www.securitytracker.com/id?1025345

www.us-cert.gov/cas/techalerts/TA11-102A.html

www.vupen.com/english/advisories/2011/0952

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034

exchange.xforce.ibmcloud.com/vulnerabilities/66402

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12546

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2011-0673

cvelist1 prion1 nvd1 openvas2 nessus1 securityvulns1