Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
NameCVE-2011-1870First vendor Publication2011-07-13
VendorCveLast vendor Modification2011-10-04

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score7.2Attack RangeLocal
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvWriteConsoleOutputString Vulnerability."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1870

CWE : Common Weakness Enumeration

idName
CWE-189Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12889
 
Oval ID: oval:org.mitre.oval:def:12889
Title: CSRSS Local EOP SrvWriteConsoleOutputString Vulnerability
Description: Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvWriteConsoleOutputString Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2011-1870
Version: 4
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os1
Os2
Os2

OpenVAS Exploits

DateDescription
2011-07-13Name : Microsoft Windows CSRSS Privilege Escalation Vulnerabilities (2507938)
File : nvt/secpod_ms11-056.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
73795Microsoft Windows CSRSS SrvWriteConsoleOutputString() Function Local Overflow

Snort® IPS/IDS

DateDescription
2014-01-10Microsoft CSRSS integer overflow attempt
RuleID : 19464 - Revision : 6 - Type : OS-WINDOWS
2014-01-10Microsoft Windows CSRSS double free attempt
RuleID : 19463 - Revision : 9 - Type : OS-WINDOWS
2014-01-10Microsoft Windows CSRSS negative array index code execution attempt
RuleID : 19462 - Revision : 9 - Type : OS-WINDOWS
2014-01-10Microsoft CSRSS NULL Fontface pointer attempt
RuleID : 19461 - Revision : 12 - Type : OS-WINDOWS
2014-01-10Microsoft Windows CSRSS multiple consoles on a single process attempt
RuleID : 19460 - Revision : 6 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

DateDescription
2011-07-12Name : Users can elevate their privileges on the remote host.
File : smb_nt_ms11-056.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/48605
CERThttp://www.us-cert.gov/cas/techalerts/TA11-193A.html
MShttp://www.microsoft.com/technet/security/Bulletin/MS11-056.mspx
OSVDBhttp://osvdb.org/73795

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2014-02-17 11:02:18
  • Multiple Updates
2014-01-19 21:27:47
  • Multiple Updates
2013-05-10 23:00:17
  • Multiple Updates