Vulnerabilities > CVE-2011-1874 - Resource Management Errors vulnerability in Microsoft products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 17 |
Common Weakness Enumeration (CWE)
Msbulletin
bulletin_id | MS11-054 |
bulletin_url | |
date | 2011-07-12T00:00:00 |
impact | Elevation of Privilege |
knowledgebase_id | 2555917 |
knowledgebase_url | |
severity | Important |
title | Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS11-054.NASL |
description | The remote host is running a version of the Windows kernel that is affected by the following vulnerabilities : - Multiple privilege escalation vulnerabilities exist due to the way that Windows kernel-mode drivers manage driver objects. (CVE-2011-1874, CVE-2011-1875, CVE-2011-1876, CVE-2011-1877, CVE-2011-1878, CVE-2011-1879, CVE-2011-1880, CVE-2011-1881, CVE-2011-1882, CVE-2011-1883, CVE-2011-1884, CVE-2011-1885, CVE-2011-1887, CVE-2011-1888) - An information disclosure vulnerability exists due to the way that Windows kernel-mode drivers validate function parameters. (CVE-2011-1886) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 55570 |
published | 2011-07-12 |
reporter | This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/55570 |
title | MS11-054: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917) |
code |
|
Oval
accepted | 2013-05-06T04:00:48.331-04:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
description | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:12585 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
submitted | 2011-07-12T13:00:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
title | Win32k Use After Free Vulnerability (CVE-2011-1874) | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
version | 75 |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 48587 CVE ID: CVE-2011-1874 Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft Windows在实现上存在Win32k释放后重用漏洞,攻击者可利用此漏洞在内核模式下运行任意代码。 权限提升漏洞源于Windows内核模式驱动程序管理内核模式驱动程序对象的方式存在问题。 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2003 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS11-054)以及相应补丁: MS11-054:Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917) 链接:http://www.microsoft.com/technet/security/bulletin/MS11-054.asp |
id | SSV:20726 |
last seen | 2017-11-19 |
modified | 2011-07-14 |
published | 2011-07-14 |
reporter | Root |
title | Windows Win32k.sys本地权限提升漏洞(CVE-2011-1874)(MS11-054) |
References
- http://support.avaya.com/css/P8/documents/100144947
- http://secunia.com/advisories/45186
- http://www.securityfocus.com/bid/48587
- http://www.securitytracker.com/id?1025761
- http://osvdb.org/73777
- http://www.us-cert.gov/cas/techalerts/TA11-193A.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12585
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-054