[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2011-0673Date: (C)2011-04-13   (M)2023-12-22


win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka "Win32k Null Pointer De-reference Vulnerability."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1025345
SECUNIA-44156
BID-47234
ADV-2011-0952
MS11-034
TA11-102A
http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx
http://support.avaya.com/css/P8/documents/100133352
mswin-win32k-var8-priv-escalation(66402)
oval:org.mitre.oval:def:12546

CPE    1
cpe:/o:microsoft:windows_xp::sp3
OVAL    2
oval:org.secpod.oval:def:692
oval:org.secpod.oval:def:823

© SecPod Technologies