Vulnerabilities > CVE-2011-1888 - Unspecified vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN microsoft
nessus
Summary
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 13 |
Msbulletin
bulletin_id | MS11-054 |
bulletin_url | |
date | 2011-07-12T00:00:00 |
impact | Elevation of Privilege |
knowledgebase_id | 2555917 |
knowledgebase_url | |
severity | Important |
title | Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS11-054.NASL |
description | The remote host is running a version of the Windows kernel that is affected by the following vulnerabilities : - Multiple privilege escalation vulnerabilities exist due to the way that Windows kernel-mode drivers manage driver objects. (CVE-2011-1874, CVE-2011-1875, CVE-2011-1876, CVE-2011-1877, CVE-2011-1878, CVE-2011-1879, CVE-2011-1880, CVE-2011-1881, CVE-2011-1882, CVE-2011-1883, CVE-2011-1884, CVE-2011-1885, CVE-2011-1887, CVE-2011-1888) - An information disclosure vulnerability exists due to the way that Windows kernel-mode drivers validate function parameters. (CVE-2011-1886) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 55570 |
published | 2011-07-12 |
reporter | This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/55570 |
title | MS11-054: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917) |
code |
|
Oval
accepted | 2013-05-06T04:01:08.401-04:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
description | win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability." | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:12898 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
submitted | 2011-07-12T13:00:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
title | Win32k Null Pointer De-reference Vulnerability (CVE-2011-1888) | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
version | 75 |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 48603 CVE ID: CVE-2011-1888 Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft Windows在实现上存在Win32k空指针引用漏洞,攻击者可利用此漏洞在内核模式运行任意代码。 权限提升漏洞源于Windows内核模式驱动程序管理其对象指针的方式存在问题。 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2003 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS11-054)以及相应补丁: MS11-054:Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917) 链接:http://www.microsoft.com/technet/security/bulletin/MS11-054.asp |
id | SSV:20725 |
last seen | 2017-11-19 |
modified | 2011-07-14 |
published | 2011-07-14 |
reporter | Root |
title | Windows Win32k.sys本地权限提升漏洞(CVE-2011-1888)(MS11-054) |
References
- http://support.avaya.com/css/P8/documents/100144947
- http://secunia.com/advisories/45186
- http://www.securitytracker.com/id?1025761
- http://osvdb.org/73790
- http://www.us-cert.gov/cas/techalerts/TA11-193A.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12898
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-054