Microsoft Lync Remote Code Execution Vulnerabilities (2707956)

This host is missing a critical security update according to Microsoft Bulletin MS12-039. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2709162)

This host is missing an important security update according to Microsoft Bulletin MS12-041. OpenVAS Vulnerability Test $Id: secpodms12-041.nasl 5341 2017-02-18 16:59:12Z cfi $ Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities 2709162 Authors: Antu Sanadi Copyright: Copyright c 2012...

Windows Kernel-Mode Drivers Win32k.sys竞争条件漏洞 (CVE-2012-1868) (MS12-041)

CVE ID: CVE-2012-1868 Microsoft Windows是微软公司推出的一系列操作系统。 Windows内核处理特定线程创建时存在权限提升漏洞，成功利用后可允许在内核模式中运行任意代码。 0 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Vista Microsoft Server 2008 Microsoft Windows 7 厂商补丁： Microsoft --------- Microsoft已经为此发布了一个安全公告（ms12-041）以及相应补丁:...

Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2709162)

This host is missing an important security update according to Microsoft Bulletin MS12-041. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS12-041: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2709162)

The remote Windows host is affected by several vulnerabilities in the Kernel-Mode drivers that could allow elevation of privilege : - Flaws in the way the Windows kernel-mode drivers manage driver objects could be exploited to execute arbitrary code in kernel mode. CVE-2012-1864, CVE-2012-1865,...

CVE-2012-1866

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to...

CVE-2012-1864

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to...

CVE-2012-1867

Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted TrueType font file that triggers...

Design/Logic Flaw

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to...

Race condition

Race condition in the thread-creation implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application, aka "Win32k.sys Race Condition Vulnerability."...

Spoofing

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to...

CVE-2012-1866

CVE-2012-1866 concerns a local privilege escalation in the Windows kernel-mode drivers, specifically the win32k.sys component. The issue arises from improper handling of user-mode input passed to kernel-mode driver objects, enabling a local attacker to gain elevated privileges via a crafted appli...

CVE-2012-1865

CVE-2012-1865 affects Microsoft Windows kernel- mode drivers (notably win32k.sys) across multiple OS versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, and Windows 7 SP1). The root cause, as described in the CVE entry, is that user-mode input passed to kernel mode for driver ob...

CVE-2012-1867

CVE-2012-1867 is a local privilege-escalation flaw in Windows where an integer overflow in win32k.sys (font resource handling) could allow a local attacker to gain SYSTEM-level privileges via a crafted TrueType font. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows V...

CVE-2012-1868

Race condition in the thread-creation implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application, aka "Win32k.sys Race Condition Vulnerability."...

CVE-2012-1864

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to...

CVE-2012-1864

CVE-2012-1864/1865 affect Windows kernel-mode, specifically win32k.sys, across multiple XP/2003/Vista/2008/7 builds. The root cause is improper handling of user-mode input passed to kernel-mode driver objects, enabling local privilege escalation. The linked documents confirm two CVEs (1864/1865) ...

CVE-2012-1865

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to...

CVE-2012-1868

CVE-2012-1868 is a local privilege-escalation vulnerability in Windows, caused by a race condition in the thread-creation path of win32k.sys (kernel-mode drivers). Exploitation would allow a local attacker to gain SYSTEM-level privileges via a crafted application on affected Windows XP SP3 system...

CVE-2012-1866

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to...