Vulnerabilities > CVE-2011-1971 - Resource Management Errors vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse file metadata, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kernel Metadata Parsing DOS Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 9 |
Common Weakness Enumeration (CWE)
Msbulletin
bulletin_id | MS11-068 |
bulletin_url | |
date | 2011-08-09T00:00:00 |
impact | Denial of Service |
knowledgebase_id | 2556532 |
knowledgebase_url | |
severity | Moderate |
title | Vulnerability in Windows Kernel Could Allow Denial of Service |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS11-068.NASL |
description | The remote host is running a Windows kernel version that is affected by a denial of service vulnerability involving the code that handles parsing file metadata when browsing a folder. A remote attacker could exploit this issue by tricking a user into opening a folder containing a specially crafted file, resulting in a denial of service. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 55798 |
published | 2011-08-09 |
reporter | This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/55798 |
title | MS11-068: Vulnerability in Windows Kernel Could Allow Denial of Service (2556532) |
code |
|
Oval
accepted | 2012-07-30T04:00:08.129-04:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
description | The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse file metadata, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kernel Metadata Parsing DOS Vulnerability." | ||||||||||||||||||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:12663 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||||||||||||||||||
submitted | 2011-08-09T13:00:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
title | Windows Kernel Metadata Parsing DOS Vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||
version | 74 |
Seebug
bulletinFamily | exploit |
description | Bugtraq ID: 48997 CVE ID:CVE-2011-1971 Microsoft Windows是一款流行的操作系统。 在解析文件中的元数据信息时内核存在错误,可导致系统崩溃。 要成功利用漏洞需要用户浏览器包含特制文件的文件夹(如浏览网络共享或WEB站点引用的网络共享) Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Vista SP2 Microsoft Windows Server 2008 R2 x64 SP1 Microsoft Windows Server 2008 R2 x64 Microsoft Windows Server 2008 R2 Itanium SP1 Microsoft Windows Server 2008 R2 Itanium Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for 32-bit Systems 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息: http://www.microsoft.com/technet/security/Bulletin/MS11-068.mspx |
id | SSV:20834 |
last seen | 2017-11-19 |
modified | 2011-08-10 |
published | 2011-08-10 |
reporter | Root |
title | Microsoft Windows Kernel CVE-2011-1971远程拒绝服务漏洞 |