CVSS: 8.4EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1881
https://notcve.org/view.php?id=CVE-2011-1881
13 Jul 2011 — win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability." win32k.sys en los controladores de modo kernel de Microsoft Windows XP SP2 y SP3, Windows... • http://osvdb.org/73787 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1882
https://notcve.org/view.php?id=CVE-2011-1882
13 Jul 2011 — Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." Vulnerabilidad de uso después de la liberación en win32k.sy... • http://osvdb.org/73782 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1883
https://notcve.org/view.php?id=CVE-2011-1883
13 Jul 2011 — Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." Vulnerabilidad de uso después de la liberación en win32k.sy... • http://osvdb.org/73783 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1884
https://notcve.org/view.php?id=CVE-2011-1884
13 Jul 2011 — Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." Vulnerabilidad de uso después de la liberación en win32k.sy... • http://osvdb.org/73784 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1885
https://notcve.org/view.php?id=CVE-2011-1885
13 Jul 2011 — win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability." win32k.sys en los controladores de modo kernel de Microsoft Windows XP SP2 y SP3, Windows... • http://osvdb.org/73788 •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1281
https://notcve.org/view.php?id=CVE-2011-1281
13 Jul 2011 — The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly restrict the number of console objects for a process, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local ... • http://www.us-cert.gov/cas/techalerts/TA11-193A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 18%CPEs: 10EXPL: 0CVE-2011-1246
https://notcve.org/view.php?id=CVE-2011-1246
16 Jun 2011 — Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka "MIME Sniffing Information Disclosure Vulnerability." Microsoft Internet Explorer 8 no maneja adecuadamente las opciones de contenido en las respuestas HTTP, lo que permite a servidores web remotos obtener información sensible desde distintos (1) domain o (2) zone a través de una respuest... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 29%CPEs: 16EXPL: 6CVE-2011-1249 – Microsoft Windows - 'afd.sys' Local Kernel (PoC) (MS11-046)
https://notcve.org/view.php?id=CVE-2011-1249
16 Jun 2011 — The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability." La función del controlador auxiliar (AFD)en afd.sys de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windo... • https://packetstorm.news/files/id/139196 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 46%CPEs: 30EXPL: 0CVE-2011-1250
https://notcve.org/view.php?id=CVE-2011-1250
16 Jun 2011 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Link Properties Handling Memory Corruption Vulnerability." Microsoft Internet Explorer 6 hasta la versión 9 no maneja apropiadamente los objetos en memoria, lo que permite a atacantes remotos ejecutar código arbitrario accediendo a un objeto que (1) no ha sido apropiadamente inicializad... • http://www.nsfocus.com/en/advisories/1101.html • CWE-908: Use of Uninitialized Resource •
CVSS: 9.3EPSS: 40%CPEs: 12EXPL: 0CVE-2011-1251
https://notcve.org/view.php?id=CVE-2011-1251
16 Jun 2011 — Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Manipulation Memory Corruption Vulnerability." Microsoft Internet Explorer 8 no maneja adecuadamente los objetos en memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto que (1) no haya sido iniciado adecuadamente o (2) es eliminado. También se cono... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050 • CWE-908: Use of Uninitialized Resource •