CVE-2012-1868 - Race Condition vulnerability in Microsoft Windows XP
Attack vector | LOCAL |
Attack complexity | MEDIUM |
Privileges required | NONE |
Confidentiality impact | COMPLETE |
Integrity impact | COMPLETE |
Availability impact | COMPLETE |
Summary
Race condition in the thread-creation implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application, aka "Win32k.sys Race Condition Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Leveraging Race Conditions: This attack targets a race condition that occurs when multiple processes access and manipulate the same resource concurrently and the outcome of the execution depends on the particular order in which the accesses take place. The attacker can leverage a race condition by "running the race", modifying the resource and altering the normal execution flow. For instance, a race condition can occur while accessing a file: the attacker can trick the system by replacing the original file with his version, causing the system to read the malicious file.
- Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions: This attack targets a race condition occurring between the time of check (state) of a resource and the time of use of that resource. The typical example is file access. The attacker can leverage a file access race condition by "running the race", meaning that he would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the attacker could do something such as replace the file and cause an escalation of privilege.
Msbulletin
bulletin_id | MS12-041 |
bulletin_url | |
date | 2012-06-12T00:00:00 |
impact | Elevation of Privilege |
knowledgebase_id | 2709162 |
knowledgebase_url | |
severity | Important |
title | Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS12-041.NASL |
description | The remote Windows host is affected by several vulnerabilities in the Kernel-Mode drivers that could allow elevation of privilege : - Flaws in the way the Windows kernel-mode drivers manage driver objects could be exploited to execute arbitrary code in kernel mode. (CVE-2012-1864, CVE-2012-1865, CVE-2012-1866) - Windows kernel-mode drivers do not properly allocate memory when handling fonts, which could be exploited to execute arbitrary code in kernel mode. (CVE-2012-1867) - A race condition exists in the way that the kernel deals with specific thread creation attempts. This could be exploited to execute arbitrary code in kernel mode. (CVE-2012-1868) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 59459 |
published | 2012-06-13 |
reporter | This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/59459 |
title | MS12-041: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2709162) |
Oval
accepted | 2012-07-30T04:00:32.601-04:00 |
class | vulnerability |
contributors | |
definition_extensions | |
description | Race condition in the thread-creation implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application, aka "Win32k.sys Race Condition Vulnerability." |
family | windows |
id | oval:org.mitre.oval:def:15647 |
status | accepted |
submitted | 2012-06-18T13:31:23 |
title | Win32k.sys Race Condition Vulnerability (CVE-2012-1868) |
version | 71 |
Seebug
bulletinFamily | exploit |
description | CVE ID: CVE-2012-1868 Microsoft Windows is a series of operating systems released by Microsoft. A privilege escalation vulnerability exists in the way the Windows kernel handles specific thread creation; successful exploitation allows arbitrary code to run in kernel mode. Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Vista, Microsoft Server 2008, Microsoft Windows 7. Vendor patch: Microsoft. Microsoft has released a security bulletin (ms12-041) and corresponding patches for this issue: ms12-041: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2709162) Link: http://www.microsoft.com/technet/security/bulletin/ms12-041.asp |
id | SSV:60208 |
last seen | 2017-11-19 |
modified | 2012-06-13 |
published | 2012-06-13 |
reporter | Root |
title | Windows Kernel-Mode Drivers Win32k.sys Race Condition Vulnerability (CVE-2012-1868) (MS12-041) |