Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1234) Local Privilege Escalation Vulnerability

2011-04-1200:00:00

Symantec Security Response

www.symantec.com

0.0004 Low

EPSS

Percentile

0.4%

JSON

Description

Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause a denial-of-service condition.

Technologies Affected

Avaya Aura Conferencing 6.0 SP1 Standard
Avaya Aura Conferencing 6.0 Standard
Avaya CallPilot 4.0
Avaya CallPilot 5.0
Avaya Communication Server 1000 Telephony Manager 3.0
Avaya Communication Server 1000 Telephony Manager 4.0
Avaya Meeting Exchange - Client Registration Server
Avaya Meeting Exchange - Recording Server
Avaya Meeting Exchange - Streaming Server
Avaya Meeting Exchange - Web Conferencing Server
Avaya Meeting Exchange - Webportal
Avaya Meeting Exchange 5.0
Avaya Meeting Exchange 5.0 SP1
Avaya Meeting Exchange 5.0 SP2
Avaya Meeting Exchange 5.0.0.0.52
Avaya Meeting Exchange 5.1
Avaya Meeting Exchange 5.1 SP1
Avaya Meeting Exchange 5.2
Avaya Meeting Exchange 5.2 SP1
Avaya Meeting Exchange 5.2 SP2
Avaya Messaging Application Server 4
Avaya Messaging Application Server 5
Microsoft Windows XP
Microsoft Windows XP
Microsoft Windows XP Embedded
Microsoft Windows XP Embedded SP1
Microsoft Windows XP Embedded SP2
Microsoft Windows XP Embedded SP3
Microsoft Windows XP Home
Microsoft Windows XP Home SP1
Microsoft Windows XP Home SP2
Microsoft Windows XP Home SP3
Microsoft Windows XP Media Center Edition 2005 SP3
Microsoft Windows XP Media Center Edition
Microsoft Windows XP Media Center Edition SP1
Microsoft Windows XP Media Center Edition SP2
Microsoft Windows XP Media Center Edition SP3
Microsoft Windows XP Service Pack 3
Microsoft Windows XP Tablet PC Edition
Microsoft Windows XP Tablet PC Edition SP1
Microsoft Windows XP Tablet PC Edition SP2
Microsoft Windows XP Tablet PC Edition SP3

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
To exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only.

Vendor updates are available. Please see the referenced advisory for more information.

CPENameOperatorVersion
avaya communication servereq1000 Telephony Manager 4.0 
avaya messaging application servereq5 
avaya callpiloteq5.0 
avaya meeting exchangeeq5.1 
microsoft windows xp service packeq3 
avaya aura conferencingeq6.0 Standard 
avaya messaging application servereq4 
avaya meeting exchangeeq5.2 
avaya meeting exchangeeq5.2 SP2 
microsoft windows xp media center editioneq2005 SP3 

Name	Operator	Version
avaya communication server	eq	1000 Telephony Manager 4.0
avaya messaging application server	eq	5
avaya callpilot	eq	5.0
avaya meeting exchange	eq	5.1
microsoft windows xp service pack	eq	3
avaya aura conferencing	eq	6.0 Standard
avaya messaging application server	eq	4
avaya meeting exchange	eq	5.2
avaya meeting exchange	eq	5.2 SP2
microsoft windows xp media center edition	eq	2005 SP3

Rows per page:

1-10 of 191

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for SMNTC-47234