CVE-2011-1227

CVE-2011-1227 affects the Windows kernel’s win32k.sys (kernel-mode drivers). The vulnerability is a NULL pointer de-reference in the Win32k subsystem that enables local attackers to gain privileges on multiple Windows versions, including Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista ...

CVE-2011-1231

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer...

CVE-2011-0673

CVE-2011-0673 affects Windows XP SP3 with a NULL pointer de-reference in win32k.sys (kernel-mode). The issue allows local users to gain privileges via a crafted application, as part of a broader set of Windows kernel NULL-dereference and use-after-free vulnerabilities described under MS11-034 (Wi...

CVE-2011-1230

CVE-2011-1230 affects Windows kernel components, specifically win32k.sys in the kernel-mode drivers. The vulnerability is a NULL pointer de-reference in win32k.sys, leading to local privilege escalation. Affected products include Windows XP (SP2–SP3), Windows Server 2003 (SP2), Windows Vista (SP1...

CVE-2011-1228

CVE-2011-1228 affects Microsoft Windows kernel-mode driver component win32k.sys. A NULL pointer de-reference in win32k allowed local attackers to gain kernel-level privileges on affected OS versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 SP2/R2, Windows 7 Gold/SP1). The issue is...

CVE-2011-0671

The CVE-2011-0671 issue affects Windows kernel-mode driver win32k.sys and is caused by a use-after-free from incorrect driver object management. Affects Windows XP SP2-SP3, Server 2003 SP2, Vista SP1-SP2, Server 2008 Gold/SP2/R2 and R2 SP1, and Windows 7 Gold/SP1. Local privilege escalation is po...

CVE-2011-0662

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application...

CVE-2011-0667

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application...

Double free

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application...

Double free

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application...

CVE-2011-0670

CVE-2011-0670 describes a use-after-free vulnerability in win32k.sys within Windows kernel-mode drivers that enables local privilege escalation. Affected are Windows XP (SP2/SP3), Windows Server 2003 (SP2), Windows Vista (SP1/SP2), Windows Server 2008 (Gold, SP2, R2, R2 SP1), and Windows 7 (Gold,...

CVE-2011-0666

CVE-2011-0666 is a use-after-free vulnerability in the Windows kernel-mode driver win32k.sys affecting Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 (Gold, SP2, R2, R2 SP1), and Windows 7 (Gold, SP1). The issue arises from incorrect driver object manageme...

PT-2011-2031 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: A remote code execution issue exists due to improper parsing of specially crafted OpenType fonts by the OpenType Font OTF driver. This allows attackers to execute arbitrary co...

Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2506223)

This host is missing a critical security update according to Microsoft Bulletin MS11-034. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

PT-2011-2964 · Microsoft · Windows Kernel-Mode Driver +6

Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 through SP3 Windows Server 2003 version SP2 Windows Vista versions SP1 through SP2 Windows Server 2008 versions Gold through R2 SP1 Windows 7 versions Gold through SP1 Description: The issue allows local users to gain...

PT-2011-2974 · Microsoft · Windows Server 2003 +4

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 and SP2 Microsoft Windows Server 2008 versions Gold, SP2, R2, and R2 SP1 Microsoft Windows 7 versions Gold and SP1...

Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2506223)

This host is missing a critical security update according to Microsoft Bulletin MS11-034. OpenVAS Vulnerability Test $Id: secpodms11-034.nasl 8724 2018-02-08 15:02:56Z cfischer $ Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities 2506223 Authors: Veerendra GG Copyright: Copyright c...

MS11-034: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223)

The remote host is running a version of the Windows kernel that is affected by the following types of vulnerabilities : - Several use-after-free vulnerabilities exist due to the way that Windows kernel-mode drivers manage kernel-mode driver objects. CVE-2011-0662, CVE-2011-0665, CVE-2011-0666,...

PT-2011-2972 · Microsoft · Windows Server 2003 +4

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 through SP2 Microsoft Windows Server 2008 versions Gold through R2 SP1 Microsoft Windows 7 versions Gold through SP1...

MS11-032: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2507618)

The remote Windows host contains a version of the OpenType Compact Font Format CFF Font Driver that improperly parses specially crafted OpenType fonts. A remote attacker could exploit this by tricking a user into viewing content rendered in a specially crafted CFF font via vectors such as web,...