Elevation of privilege vulnerability in Windows CSRSS (II)ID: oval:org.secpod.oval:def:1411 | Date: (C)2011-07-13 (M)2023-12-14 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Windows XP or Windows server 2003 or Windows server 2008 or Windows Vista and is prone to elevation of privilege vulnerability. A flaw is present in Client/Server Run-time Subsystem (CSRSS) that is caused when user input is used as an index for an array without first checking it for a negative value. Successful exploitation allows remote attacker to run arbitrary code in kernel mode.
Platform: |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |