MS11-010

Executive Summary

Summary
Title	Vulnerability in Windows Client/Server Run

Informations
Name	MS11-010	First vendor Publication	2011-02-08
Vendor	Microsoft	Last vendor Modification	2011-02-08
Severity (Vendor)	Important	Revision	1.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:N/A:N)
Cvss Base Score	4.7	Attack Range	Local
Cvss Impact Score	6.9	Attack Complexity	Medium
Cvss Expoit Score	3.4	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.0 (February 8, 2011): Bulletin published

Summary: This security update resolves a privately reported vulnerability in the Microsoft Windows Client/Server Run-time Subsystem (CSRSS) in Windows XP and Windows Server 2003. This security update is rated Important for all supported editions of these operating systems. For more information, see the subsection, Affected and Non-Affected Software, in this section. The vulnerability could allow elevation of privilege if an attacker logs on to a user's system and starts a specially crafted application that continues running after the attacker logs off in order to obtain the logon credentials of subsequent users. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/MS11-010.mspx

CWE : Common Weakness Enumeration

id	Name
CWE-264	Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12476

Oval ID:	oval:org.mitre.oval:def:12476
Title:	CSRSS Elevation of Privilege Vulnerability
Description:	The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sensitive information or gain privileges via a crafted application that continues to execute throughout the logout of one user and the login session of the next user, aka "CSRSS Elevation of Privilege Vulnerability," a different vulnerability than CVE-2010-0023.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-0030	Version:	4
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003	Product(s):
Definition Synopsis:
Vulnerable Microsoft Windows XP (x86) SP3 Microsoft Windows XP (x86) SP3 is installed AND Csrsrv.dll version is less than 5.1.2600.6055 OR Vulnerable Microsoft Windows XP x64 SP2, Server 2003 x86/x64/ia64 SP2 IF Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND Csrsrv.dll version is less than 5.2.3790.4803

CPE : Common Platform Enumeration

Type	Description	Count
Os	Microsoft Windows 2003 Server cpe:/o:microsoft:windows_2003_server::sp2:x64 cpe:/o:microsoft:windows_2003_server::sp2 cpe:/o:microsoft:windows_2003_server::sp2:itanium	3
Os	Microsoft Windows Xp cpe:/o:microsoft:windows_xp:-:sp2:x64 cpe:/o:microsoft:windows_xp::sp3	2

Open Source Vulnerability Database (OSVDB)

id	Description
70826	Microsoft Windows CSRSS Logoff Process Termination Local Information Disclosure

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-02-14 17:19:59	Multiple Updates

Type	Count
Oval ID(s)	1
CPE ID(s)	5
osvdb(s)	1

Related	Severity
MS11-097	(High)
MS11-056	(High)
MS10-011	(Medium)
CVE-2011-0030	(Medium)

Same Subject	Severity
Login to view 10 more Alert(s)

MS11-010

Executive Summary

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU