Vulnerabilities > CVE-2012-0001 - Unspecified vulnerability in Microsoft products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN microsoft
nessus
Summary
The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly load structured exception handling tables, which allows context-dependent attackers to bypass the SafeSEH security feature by leveraging a Visual C++ .NET 2003 application, aka "Windows Kernel SafeSEH Bypass Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 11 |
Msbulletin
bulletin_id | MS12-001 |
bulletin_url | |
date | 2012-01-10T00:00:00 |
impact | Security Feature Bypass |
knowledgebase_id | 2644615 |
knowledgebase_url | |
severity | Important |
title | Vulnerability in Windows Kernel Could Allow Security Feature Bypass |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS12-001.NASL |
description | The remote Windows host has a bypass vulnerability in the SafeSEH security feature. This could allow an attacker to use other vulnerabilities to bypass the SafeSEH security feature and run arbitrary code on the remote host. Only software applications compiled using Microsoft Visual C++ .NET 2003 could be used to exploit this vulnerability. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 57469 |
published | 2012-01-10 |
reporter | This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/57469 |
title | MS12-001: Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615) |
code |
|
Oval
accepted | 2012-02-20T04:00:06.732-05:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
description | The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly load structured exception handling tables, which allows context-dependent attackers to bypass the SafeSEH security feature by leveraging a Visual C++ .NET 2003 application, aka "Windows Kernel SafeSEH Bypass Vulnerability." | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:14758 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
submitted | 2012-01-10T13:00:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
title | Windows Kernel SafeSEH Bypass Vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
version | 72 |
References
- http://www.securitytracker.com/id?1026493
- http://www.securityfocus.com/bid/51296
- http://secunia.com/advisories/47356
- http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html
- http://www.us-cert.gov/cas/techalerts/TA12-010A.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14758
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-001