[Forgot Password]
Login  Register Subscribe

23631

 
 

117835

 
 

98503

 
 

909

 
 

79321

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2011-1870

Date: (C)2011-07-13   (M)2017-09-22 


Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvWriteConsoleOutputString Vulnerability."

CVSS Score: 7.2Access Vector: LOCAL
Exploit Score: 3.9Access Complexity: LOW
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
BID-48605
OSVDB-73795
MS11-056
TA11-193A

CPE    5
cpe:/o:microsoft:windows_xp:-:sp2:x64
cpe:/o:microsoft:windows_server_2003::sp2:x64
cpe:/o:microsoft:windows_server_2003::sp2:itanium
cpe:/o:microsoft:windows_2003_server::sp2
...
CWE    1
CWE-189
OVAL    2
oval:org.secpod.oval:def:1414
oval:org.secpod.oval:def:1413

© 2013 SecPod Technologies