CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 2CVE-2011-2604
https://notcve.org/view.php?id=CVE-2011-2604
The Intel G41 driver 6.14.10.5355 on Windows XP SP3 allows remote attackers to cause a denial of service (system crash) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK. El controlador de Intel G41 v6.14.10.5355 en Windows XP SP3 permite a atacantes remotos causar una denegación de servicio (caída del sistema) a través de una página web manipulada que se visita con Google Chrome o Mozilla Firefox, como lo demuestra con la página de prueba lots-of-polys-example.html en el Khronos WebGL SDK. • http://www.contextis.com/resources/blog/webgl http://www.contextis.com/resources/blog/webgl2 http://www.securityfocus.com/bid/48319 • CWE-399: Resource Management Errors •
CVSS: 7.2EPSS: 0%CPEs: 16EXPL: 3CVE-2011-1249 – Microsoft Windows - 'afd.sys' Local Kernel (PoC) (MS11-046)
https://notcve.org/view.php?id=CVE-2011-1249
The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability." La función del controlador auxiliar (AFD)en afd.sys de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, Service Pack 2, R2 y R2 SP1, y Windows 7 y SP1 no valida correctamente la entrada en modo usuario,lo que permite a usuarios locales conseguir privilegios a través de una aplicación manipulada, también conocido como "Vulnerabilidad de elebación de privilegios de la función del controlador auxiliar" • https://www.exploit-db.com/exploits/18755 https://www.exploit-db.com/exploits/40564 https://github.com/N3rdyN3xus/CVE-2011-1249 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-046 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12731 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 17EXPL: 1CVE-2011-1237
https://notcve.org/view.php?id=CVE-2011-1237
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." Vulnerabilidad de uso después de liberación en Win32k.sys en los controladores de modo kernel de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, Service Pack 2, R2 y R2 SP1, y Windows 7 Gold y SP1 permite a usuarios locales conseguir privilegios a través de una aplicación modificada que aprovecha la incorrecta administración de objetos controlador. • https://github.com/BrunoPujos/CVE-2011-1237 http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx http://osvdb.org/71752 http://secunia.com/advisories/44156 http://support.avaya.com/css/P8/documents/100133352 http://www.securityfocus.com/bid/47214 http://www.securitytracker.com/id?1025345 http://www.us-cert.gov/cas/techalerts/TA11-102A.html http://www.vupen.com/english/advisories/2011/0952 https://docs.microso • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2010-4238 – kernel: Xen Dom0 crash with Windows 2008 R2 64bit DomU + GPLPV
https://notcve.org/view.php?id=CVE-2010-4238
The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. • http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517 http://secunia.com/advisories/42884 http://secunia.com/advisories/46397 http://www.redhat.com/support/errata/RHSA-2011-0017.html http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/45795 http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/show_bug.cgi?id=655623 https://exchange.xforce.ibmcloud.com/vulnerabilities/64698 https://access& • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 4CVE-2010-4398 – Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2010-4398
Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (UAC) feature, via a crafted REG_BINARY value for a SystemDefaultEUDCFont registry key, aka "Driver Improper Interaction with Windows Kernel Vulnerability." Desbordamiento de buffer basado en pila en la función RtlQueryRegistryValues de win32k.sys de Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 hasta la versión R2 y Windows 7. ... Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature. • storyid=9988 http://nakedsecurity.sophos.com/2010/11/25/new-windows-zero-day-flaw-bypasses-uac http://secunia.com/advisories/42356 http://support.avaya.com/css/P8/documents/100127248 http://twitter.com/msftsecresponse/statuses/7590788200402945 http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror http://www.exploit-db.com/exploits/15609 http://www.kb.cert.org/vuls/id/529673 http://www.securityfocus.com/bid/45045 http://www.securitytracker.com&#x • CWE-787: Out-of-bounds Write •