Windows : Microsoft Bulletins : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2479628)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.901182

Categoría: Windows : Microsoft Bulletins

Título: Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2479628)

Resumen: This host is missing a critical security update according to; Microsoft Bulletin MS11-012.

Descripción: Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS11-012.

Vulnerability Insight:
The flaws are caused by input validation errors, improper pointer validation,
pointer confusions, and memory corruption errors in the Windows kernel-mode
drivers 'win32k.sys' when processing data supplied from user mode to kernel
mode, which could allow malicious users to execute arbitrary code with kernel
privileges.

Vulnerability Impact:
Successful exploitation could allow local attackers to gain elevated
privileges.

Affected Software/OS:
- Microsoft Windows 7

- Microsoft Windows XP Service Pack 3 and prior

- Microsoft Windows 2K3 Service Pack 2 and prior

- Microsoft Windows Vista Service Pack 2 and prior

- Microsoft Windows Server 2008 Service Pack 2 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-0086
BugTraq ID: 46141
http://www.securityfocus.com/bid/46141
Microsoft Security Bulletin: MS11-012
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-012
http://osvdb.org/70818
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12070
http://secunia.com/advisories/43255
http://www.vupen.com/english/advisories/2011/0325
Common Vulnerability Exposure (CVE) ID: CVE-2011-0087
BugTraq ID: 46148
http://www.securityfocus.com/bid/46148
http://osvdb.org/70819
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12312
Common Vulnerability Exposure (CVE) ID: CVE-2011-0088
BugTraq ID: 46147
http://www.securityfocus.com/bid/46147
http://osvdb.org/70816
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12553
Common Vulnerability Exposure (CVE) ID: CVE-2011-0089
BugTraq ID: 46149
http://www.securityfocus.com/bid/46149
http://osvdb.org/70817
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11638
Common Vulnerability Exposure (CVE) ID: CVE-2011-0090
BugTraq ID: 46150
http://www.securityfocus.com/bid/46150
http://osvdb.org/70814
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12455

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.901182
Categoría:	Windows : Microsoft Bulletins
Título:	Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2479628)
Resumen:	This host is missing a critical security update according to; Microsoft Bulletin MS11-012.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS11-012. Vulnerability Insight: The flaws are caused by input validation errors, improper pointer validation, pointer confusions, and memory corruption errors in the Windows kernel-mode drivers 'win32k.sys' when processing data supplied from user mode to kernel mode, which could allow malicious users to execute arbitrary code with kernel privileges. Vulnerability Impact: Successful exploitation could allow local attackers to gain elevated privileges. Affected Software/OS: - Microsoft Windows 7 - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2K3 Service Pack 2 and prior - Microsoft Windows Vista Service Pack 2 and prior - Microsoft Windows Server 2008 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0086 BugTraq ID: 46141 http://www.securityfocus.com/bid/46141 Microsoft Security Bulletin: MS11-012 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-012 http://osvdb.org/70818 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12070 http://secunia.com/advisories/43255 http://www.vupen.com/english/advisories/2011/0325 Common Vulnerability Exposure (CVE) ID: CVE-2011-0087 BugTraq ID: 46148 http://www.securityfocus.com/bid/46148 http://osvdb.org/70819 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12312 Common Vulnerability Exposure (CVE) ID: CVE-2011-0088 BugTraq ID: 46147 http://www.securityfocus.com/bid/46147 http://osvdb.org/70816 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12553 Common Vulnerability Exposure (CVE) ID: CVE-2011-0089 BugTraq ID: 46149 http://www.securityfocus.com/bid/46149 http://osvdb.org/70817 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11638 Common Vulnerability Exposure (CVE) ID: CVE-2011-0090 BugTraq ID: 46150 http://www.securityfocus.com/bid/46150 http://osvdb.org/70814 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12455
Copyright	Copyright (C) 2011 Greenbone AG