CVE-2012-0005 | Date: (C)2012-01-10 (M)2023-12-22 |
The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2, when a Chinese, Japanese, or Korean system locale is used, can access uninitialized memory during the processing of Unicode characters, which allows local users to gain privileges via a crafted application, aka "CSRSS Elevation of Privilege Vulnerability."
CVSS Score and Metrics +CVSS Score and Metrics -CVSS V2 Severity: |
CVSS Score : 6.9 |
Exploit Score: 3.4 |
Impact Score: 10.0 |
|
CVSS V2 Metrics: |
Access Vector: LOCAL |
Access Complexity: MEDIUM |
Authentication: NONE |
Confidentiality: COMPLETE |
Integrity: COMPLETE |
Availability: COMPLETE |
| |