Executive Summary
| Summary | |
|---|---|
| Title | Vulnerabilities in Windows Kernel |
| Informations | |||
|---|---|---|---|
| Name | MS11-034 | First vendor Publication | 2011-04-12 |
| Vendor | Microsoft | Last vendor Modification | 2011-04-12 |
| Severity (Vendor) | Important | Revision | 1.0 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.2 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Revision Note: V1.0 (April 12, 2011): Bulletin published.Summary: This security update resolves thirty privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users. |
Original Source
| Url : http://www.microsoft.com/technet/security/bulletin/MS11-034.mspx |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 95 % | CWE-399 | Resource Management Errors |
| 5 % | CWE-476 | NULL Pointer Dereference |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11708 | |||
| Oval ID: | oval:org.mitre.oval:def:11708 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-0674) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0674 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:11726 | |||
| Oval ID: | oval:org.mitre.oval:def:11726 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-1239) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1239 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:11812 | |||
| Oval ID: | oval:org.mitre.oval:def:11812 | ||
| Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1233) | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1233 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:11942 | |||
| Oval ID: | oval:org.mitre.oval:def:11942 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-0671) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0671 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12014 | |||
| Oval ID: | oval:org.mitre.oval:def:12014 | ||
| Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1225) | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1225 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12017 | |||
| Oval ID: | oval:org.mitre.oval:def:12017 | ||
| Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1228) | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1228 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12036 | |||
| Oval ID: | oval:org.mitre.oval:def:12036 | ||
| Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1231) | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1231 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12164 | |||
| Oval ID: | oval:org.mitre.oval:def:12164 | ||
| Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1230) | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1230 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12167 | |||
| Oval ID: | oval:org.mitre.oval:def:12167 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-0672) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0672 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12183 | |||
| Oval ID: | oval:org.mitre.oval:def:12183 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-0675) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0675 | Version: | 10 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12221 | |||
| Oval ID: | oval:org.mitre.oval:def:12221 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-1234) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1234 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12302 | |||
| Oval ID: | oval:org.mitre.oval:def:12302 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-1235) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1235 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12337 | |||
| Oval ID: | oval:org.mitre.oval:def:12337 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-0670) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0670 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12340 | |||
| Oval ID: | oval:org.mitre.oval:def:12340 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-0667) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0667 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12347 | |||
| Oval ID: | oval:org.mitre.oval:def:12347 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-0666) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0666 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12392 | |||
| Oval ID: | oval:org.mitre.oval:def:12392 | ||
| Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1232) | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1232 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12416 | |||
| Oval ID: | oval:org.mitre.oval:def:12416 | ||
| Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-0676) | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0676 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12417 | |||
| Oval ID: | oval:org.mitre.oval:def:12417 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-1238) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1238 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12467 | |||
| Oval ID: | oval:org.mitre.oval:def:12467 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-1237) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1237 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12474 | |||
| Oval ID: | oval:org.mitre.oval:def:12474 | ||
| Title: | DEPRECATED: Win32k Null Pointer De-reference Vulnerability (CVE-2011-0676) | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0676 | Version: | 7 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12478 | |||
| Oval ID: | oval:org.mitre.oval:def:12478 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-1236) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1236 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12503 | |||
| Oval ID: | oval:org.mitre.oval:def:12503 | ||
| Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1229) | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1229 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12525 | |||
| Oval ID: | oval:org.mitre.oval:def:12525 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-1242) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1242 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12526 | |||
| Oval ID: | oval:org.mitre.oval:def:12526 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-0665) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0665 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12540 | |||
| Oval ID: | oval:org.mitre.oval:def:12540 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-1241) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1241 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12543 | |||
| Oval ID: | oval:org.mitre.oval:def:12543 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-0662) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0662 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12546 | |||
| Oval ID: | oval:org.mitre.oval:def:12546 | ||
| Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-0673) | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka "Win32k Null Pointer De-reference Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0673 | Version: | 3 |
| Platform(s): | Microsoft Windows XP | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12547 | |||
| Oval ID: | oval:org.mitre.oval:def:12547 | ||
| Title: | Win32k Use After Free Vulnerability (CVE-2011-1240) | ||
| Description: | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1240 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12613 | |||
| Oval ID: | oval:org.mitre.oval:def:12613 | ||
| Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1226) | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1226 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12653 | |||
| Oval ID: | oval:org.mitre.oval:def:12653 | ||
| Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-0677) | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0677 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12681 | |||
| Oval ID: | oval:org.mitre.oval:def:12681 | ||
| Title: | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1227) | ||
| Description: | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-1227 | Version: | 9 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-04-13 | Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2506223) File : nvt/secpod_ms11-034.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 71757 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71756 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71755 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71754 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71753 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71752 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71751 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71750 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71749 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71748 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71747 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71746 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71745 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71744 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71743 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71742 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71741 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71740 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71739 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71738 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71737 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71736 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71735 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71734 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71732 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71731 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71730 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71729 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71728 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71727 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Loc... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-09-13 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 39863 - Revision : 2 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18667 - Revision : 8 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18666 - Revision : 8 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18665 - Revision : 8 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18664 - Revision : 8 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18663 - Revision : 8 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18662 - Revision : 9 - Type : OS-WINDOWS |
| 2014-01-10 | Microsoft Windows win32k.sys escalation of privilege attempt RuleID : 18661 - Revision : 8 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2011-04-13 | Name : The remote Windows kernel is affected by multiple vulnerabilities. File : smb_nt_ms11-034.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:46:58 |
|
| 2014-01-19 21:30:40 |
|
