Vulnerabilities > CVE-2012-0154 - Resource Management Errors vulnerability in Microsoft products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers keyboard layout errors, aka "Keyboard Layout Use After Free Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 13 |
Common Weakness Enumeration (CWE)
Msbulletin
bulletin_id | MS12-008 |
bulletin_url | |
date | 2012-02-14T00:00:00 |
impact | Remote Code Execution |
knowledgebase_id | 2660465 |
knowledgebase_url | |
severity | Critical |
title | Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS12-008.NASL |
description | The remote host is running a version of the Windows kernel that is affected by multiple remote code execution vulnerabilities : - Due to improper validation in input passed from user mode through the kernel component of GDI, an attacker can cause a denial of service condition or may be able to execute arbitrary code in kernel mode. (CVE-2011-5046) - A flaw in the way the Windows kernel-mode drivers manages specific keyboard layouts could allow an attacker to run arbitrary code in kernel mode. (CVE-2012-0154) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 57942 |
published | 2012-02-14 |
reporter | This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/57942 |
title | MS12-008: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465) |
code |
|
Oval
accepted | 2013-05-06T04:01:20.834-04:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
description | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers keyboard layout errors, aka "Keyboard Layout Use After Free Vulnerability." | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:14928 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
submitted | 2012-02-14T13:00:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
title | Keyboard Layout Use After Free Vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
version | 74 |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 51920 CVE ID: CVE-2012-0154 Microsoft Windows是流行的计算机操作系统。 Windows Kernel Win32k.sys在验证用户模式传输到GDI内核组件的输入时存在本地权限提升漏洞,本地攻击者可利用此漏洞以内核权限执行任意代码,造成完全控制受影响计算机。 0 Microsoft Windows XP Microsoft Windows Server 2008 Microsoft Windows 7 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS12-008)以及相应补丁: MS12-008:Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465) 链接:http://www.microsoft.com/technet/security/bulletin/MS12-008.asp |
id | SSV:30118 |
last seen | 2017-11-19 |
modified | 2012-02-16 |
published | 2012-02-16 |
reporter | Root |
title | Microsoft Windows Kernel "Win32k.sys"键盘布局本地权限提升漏洞(MS12-008) |