CVE

Id
49897  
CVE No.
CVE-2011-1985  
Status
Candidate  
Description
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka "Win32k Null Pointer De-reference Vulnerability."  
Phase
Assigned (20110509)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
541517 49897 CVE-2011-1985 MS:MS11-077  View
541518 49897 CVE-2011-1985 URL:http://technet.microsoft.com/en-us/security/bulletin/MS11-077  View
541519 49897 CVE-2011-1985 OVAL:oval:org.mitre.oval:def:12935  View
541520 49897 CVE-2011-1985 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12935  View
541521 49897 CVE-2011-1985 SECTRACK:1026165  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
32164 JVNDB-2011-002404 複数の Microsoft Excel 製品における任意のコードを実行される脆弱性 複数の Microsoft Excel 製品は、配列インデックスを適切に検証しないため、任意のコードを実行される脆弱性が存在します。 CVE-2011-1990 49897 9.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002404.html  View