Vulnerabilities > CVE-2011-2011 - Resource Management Errors vulnerability in Microsoft products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, aka "Win32k Use After Free Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 13 |
Common Weakness Enumeration (CWE)
Msbulletin
bulletin_id | MS11-077 |
bulletin_url | |
date | 2011-10-11T00:00:00 |
impact | Remote Code Execution |
knowledgebase_id | 2567053 |
knowledgebase_url | |
severity | Important |
title | Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS11-077.NASL |
description | The remote host is running a version of the Windows kernel that is affected by the following vulnerabilities : - A NULL pointer deference that could allow privilege escalation. (CVE-2011-1985) - A DoS caused by processing a specially crafted TrueType font file. (CVE-2011-2002) - A code execution vulnerability triggered by tricking a user into opening a specially crafted .fon font file. (CVE-2011-2003) - A use after free vulnerability that could allow privilege escalation. (CVE-2011-2011) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 56451 |
published | 2011-10-11 |
reporter | This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/56451 |
title | MS11-077: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2567053) |
code |
|
Oval
accepted | 2013-05-06T04:01:09.281-04:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
description | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, aka "Win32k Use After Free Vulnerability." | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:12904 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
submitted | 2011-10-11T13:00:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
title | Win32k Use After Free Vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
version | 74 |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 49981 CVE ID: CVE-2011-2011 Microsoft Windows是流行的计算机操作系统。 Windows Kernel在Win32k.sys的实现上存在本地权限提升漏洞,本地攻击者可利用此漏洞以内核权限执行任意代码,导致完全控制受影响计算机。 Microsoft Windows XP Microsoft Windows Server Microsoft Vista Microsoft Windows 7 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS11-077)以及相应补丁: MS11-077:Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2567053) 链接:http://www.microsoft.com/technet/security/bulletin/MS11-077.mspx |
id | SSV:20997 |
last seen | 2017-11-19 |
modified | 2011-10-12 |
published | 2011-10-12 |
reporter | Root |
title | Microsoft Windows Kernel Win32k.sys本地权限提升漏洞(MS11-077)(CVE-2011-2011) |