CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2011/07/13 11:0 p.m.•62 views

CVE-2011-1886

CVE-2011-1886: Information-disclosure in Win32k.sys (Windows XP SP3 kernel-mode driver) due to improper validation of function parameters, enabling local users to read kernel memory via a crafted application that triggers a NULL pointer dereference. Affected component is Win32k.sys; impact is ker...

2.1CVSS5.9AI score0.00315EPSS

Exploits0References8Affected Software1

Vulnrichment•added 2011/07/13 11:0 p.m.•7 views

CVE-2011-1874

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application...

7AI score0.01031EPSS

Exploits1References8

Cvelist•added 2011/07/13 11:0 p.m.•22 views

CVE-2011-1874

6.3AI score0.01031EPSS

Exploits1References8

Cvelist•added 2011/07/13 11:0 p.m.•28 views

CVE-2011-1888

6.2AI score0.00948EPSS

Exploits2References7

CVE•added 2011/07/13 11:0 p.m.•73 views

CVE-2011-1885

The CVE-2011-1885 issue affects Win32k.sys in multiple Windows OS versions (Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2/R2 SP1, Windows 7 Gold/SP1). It is a local privilege escalation caused by a NULL pointer dereference in kernel‑mode drivers, allowing a crafted a...

7.2CVSS6.4AI score0.0099EPSS

CVE•added 2011/07/13 11:0 p.m.•64 views

CVE-2011-1880

CVE-2011-1880 affects Windows kernel-mode drivers, specifically Win32k.sys, across multiple OS versions (Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold SP2/R2 and R2 SP1, Windows 7 Gold/SP1). The vulnerability is a NULL pointer de-reference in Win32k....

7.2CVSS6.4AI score0.0099EPSS

Vulnrichment•added 2011/07/13 11:0 p.m.•11 views

CVE-2011-1881

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer...

6.6AI score0.00851EPSS

CVE•added 2011/07/13 11:0 p.m.•58 views

CVE-2011-1883

CVE-2011-1883 is a use-after-free vulnerability in win32k.sys (kernel-mode drivers) across Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7 SP1. The flaw stems from incorrect driver object management in kernel-mode, enabling local privilege escalation to ...

Cvelist•added 2011/07/13 11:0 p.m.•30 views

CVE-2011-1884

6.3AI score0.0073EPSS

CVE•added 2011/07/13 11:0 p.m.•63 views

CVE-2011-1888

CVE-2011-1888 corresponds to a Windows kernel privilege-escalation flaw in the Win32k.sys driver. The vulnerability is a NULL pointer dereference in kernel-mode code that could allow a local attacker to gain elevated privileges on affected Windows versions (Vista SP1/SP2, Windows Server 2008 Gold...

7.2CVSS6.3AI score0.00948EPSS

Exploits2References7Affected Software3

Cvelist•added 2011/07/13 11:0 p.m.•21 views

CVE-2011-1881

6.3AI score0.00851EPSS

Cvelist•added 2011/07/13 11:0 p.m.•21 views

CVE-2011-1880

6.3AI score0.0099EPSS

CVE•added 2011/07/13 11:0 p.m.•59 views

CVE-2011-1882

The CVE-2011-1882 entry documents a local privilege-escalation vulnerability in Windows kernel-mode drivers, specifically in win32k.sys. The issue arises from a use-after-free condition due to incorrect driver object management, enabling a crafted user-space application to trigger privilege escal...

Cvelist•added 2011/07/13 11:0 p.m.•25 views

CVE-2011-1876

6.3AI score0.0073EPSS

Exploits1References8

Cvelist•added 2011/07/13 11:0 p.m.•19 views

CVE-2011-1886

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 does not properly validate the arguments to functions, which allows local users to read arbitrary data from kernel memory via a crafted application that triggers a NULL pointer dereference, aka "Win32k Incorrect Parameter Validatio...

5.8AI score0.00315EPSS

Positive Technologies•added 2011/07/13 12:0 a.m.•3 views

PT-2011-3439 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 through SP2 Microsoft Windows Server 2008 versions Gold through R2 SP1 Microsoft Windows 7 versions Gold through SP1...

7.2CVSS6.6AI score0.0073EPSS

Positive Technologies•added 2011/07/13 12:0 a.m.•2 views

PT-2011-3444 · Microsoft · Windows Server 2003 +5

7.2CVSS6.6AI score0.0073EPSS

Positive Technologies•added 2011/07/13 12:0 a.m.•2 views

PT-2011-3443 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 and SP2 Microsoft Windows Server 2008 versions Gold, SP2, R2, and R2 SP1 Microsoft Windows 7 versions Gold and SP1...

Positive Technologies•added 2011/07/13 12:0 a.m.•2 views

PT-2011-3445 · Microsoft · Windows Server 2003 +5