Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:26056
HistoryDec 15, 2011 - 12:00 a.m.

Microsoft Windows CSRSS本地权限提升漏洞(MS11-097)

2011-12-1500:00:00
Root
www.seebug.org
11

0.001 Low

EPSS

Percentile

27.6%

JSON

BUGTRAQ ID: 50972
CVE ID: CVE-2011-3408

csrss.exe系统进程是微软客户端、服务端运行时子系统,管理Windows图形相关任务。

Microsoft Windows CSRSS在实现上存在本地权限提升漏洞,成功利用后可允许本地攻击者以管理员权限执行任意代码。

Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2003
Microsoft Windows 7
厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS11-097)以及相应补丁:

MS11-097:Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712)

链接:http://www.microsoft.com/technet/security/bulletin/MS11-097.asp

Related

openvas 2
symantec 1
cve 1
nessus 1
prion 1
securityvulns 1
openvas
openvas
Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2620712)
2011-12-14 00:00:00
Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2620712)
2011-12-14 00:00:00
symantec
symantec
Microsoft Windows CSRSS CVE-2011-3408 Local Privilege Escalation Vulnerability
2011-12-13 00:00:00
cve
cve
CVE-2011-3408
2011-12-14 00:55:00
nessus
nessus
MS11-097: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712)
2011-12-13 00:00:00
prion
prion
Privilege escalation
2011-12-14 00:55:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2011-12-26 00:00:00

0.001 Low

EPSS

Percentile

27.6%

JSON
Related for SSV:26056
openvas2symantec1cve1nessus1prion1securityvulns1