CVE

Id
49150  
CVE No.
CVE-2011-1238  
Status
Candidate  
Description
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."  
Phase
Assigned (20110304)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
534453 49150 CVE-2011-1238 MISC:http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx  View
534454 49150 CVE-2011-1238 CONFIRM:http://support.avaya.com/css/P8/documents/100133352  View
534455 49150 CVE-2011-1238 MS:MS11-034  View
534456 49150 CVE-2011-1238 URL:http://www.microsoft.com/technet/security/Bulletin/MS11-034.mspx  View
534457 49150 CVE-2011-1238 CERT:TA11-102A  View
534458 49150 CVE-2011-1238 URL:http://www.us-cert.gov/cas/techalerts/TA11-102A.html  View
534459 49150 CVE-2011-1238 BID:47215  View
534460 49150 CVE-2011-1238 URL:http://www.securityfocus.com/bid/47215  View
534461 49150 CVE-2011-1238 OSVDB:71753  View
534462 49150 CVE-2011-1238 URL:http://osvdb.org/71753  View
534463 49150 CVE-2011-1238 OVAL:oval:org.mitre.oval:def:12417  View
534464 49150 CVE-2011-1238 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12417  View
534465 49150 CVE-2011-1238 SECTRACK:1025345  View
534466 49150 CVE-2011-1238 URL:http://www.securitytracker.com/id?1025345  View
534467 49150 CVE-2011-1238 SECUNIA:44156  View
534468 49150 CVE-2011-1238 URL:http://secunia.com/advisories/44156  View
534469 49150 CVE-2011-1238 VUPEN:ADV-2011-0952  View
534470 49150 CVE-2011-1238 URL:http://www.vupen.com/english/advisories/2011/0952  View
534471 49150 CVE-2011-1238 XF:mswin-win32k-var26-priv-escalation(66420)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
31233 JVNDB-2011-001473 Microsoft Windows XP の Windows Messenger ActiveX コントロールにおける任意のコードを実行される脆弱性 Microsoft Windows XP の msgsc.dll 内にある Windows Messenger ActiveX コントロールには、任意のコードを実行される脆弱性が存在します。 CVE-2011-1243 49150 9.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001473.html  View