MS Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2790113)

This host is missing an important security update according to Microsoft Bulletin MS13-019. OpenVAS Vulnerability Test $Id: secpodms13-019.nasl 5346 2017-02-19 08:43:11Z cfi $ MS Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability 2790113 Authors: Antu Sanadi Copyright:...

Privilege escalation

Csrsrv.dll in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process...

Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2620712)

This host is missing an important security update according to Microsoft Bulletin MS11-097. OpenVAS Vulnerability Test $Id: secpodms11-097.nasl 5362 2017-02-20 12:46:39Z cfi $ Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability 2620712 Authors: Rachana Shetty Copyright:...

Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2567680)

This host is missing a critical security update according to Microsoft Bulletin MS11-063. OpenVAS Vulnerability Test $Id: secpodms11-063.nasl 8724 2018-02-08 15:02:56Z cfischer $ Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability 2567680 Authors: Antu Sanadi...

Null pointer dereference

The Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly initialize memory and consequently uses a NULL...

Integer overflow

Integer overflow in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cau...

CVE-2011-1283

The CVE-2011-1283 entry concerns the Windows CSRSS component in the Win32 subsystem. The vulnerability arises from an array index check flaw in SrvSetConsoleNumberOfCommand, allowing a local attacker to cause memory corruption and elevate privileges by triggering an incorrect memory assignment fo...

CVE-2011-1281

The Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly restrict the number of console objects for a...

Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2476687)

This host is missing a critical security update according to Microsoft Bulletin MS11-010. OpenVAS Vulnerability Test $Id: secpodms11-010.nasl 5362 2017-02-20 12:46:39Z cfi $ Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability 2476687 Authors: Sooraj KS Copyright: Copyright ...

Microsoft Ships 12 Bulletins in February's Patch Tuesday

Microsoft addressed 22 flaws with 12 separate bulletins in February’s edition of Patch Tuesday, including three bulletins that were rated critical with the remaining nine rated as important. Among the programs affected are Microsoft Windows, Internet Explorer, Office, Visual Studio, and IIS. The...

CVE-2007-1209

Use-after-free vulnerability in the Client/Server Run-time Subsystem CSRSS in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a...

Design/Logic Flaw

Use-after-free vulnerability in the Client/Server Run-time Subsystem CSRSS in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a...

CVE-2006-6797

The Client Server Run-Time Subsystem CSRSS in Microsoft Windows allows local users to cause a denial of service crash or read arbitrary memory from csrss.exe via crafted arguments to the NtRaiseHardError function with status 0x50000018, a different vulnerability than CVE-2006-6696...