// For flags

CVE-2011-1229

 

Severity Score

7.2
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

Vulneravilidad de desreferencia a puntero nulo en win32k.sys en el controlador kernel-modeen en Microsoft Windows XP SP2 ySP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, SP2, R2, y R2 SP1, y Windows 7 Gold y SP1, permite a usuarios locales obtener privilegios a través de aplicaciones manipuladas lanzan un desreferencia a puntero nulo. Vulnerabilidad distinta de "Vulnerabilidad tipo 2" listada en los CVEs en MS11-034, también conocida como "Win32k Null Pointer De-reference Vulnerability."

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2011-03-04 CVE Reserved
  • 2011-04-13 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-476: NULL Pointer Dereference
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Microsoft
Search vendor "Microsoft"
Windows 2003 Server
Search vendor "Microsoft" for product "Windows 2003 Server"
-sp2
Affected
Microsoft
Search vendor "Microsoft"
Windows 7
Search vendor "Microsoft" for product "Windows 7"
--
Affected
Microsoft
Search vendor "Microsoft"
Windows 7
Search vendor "Microsoft" for product "Windows 7"
-sp1
Affected
Microsoft
Search vendor "Microsoft"
Windows Server 2003
Search vendor "Microsoft" for product "Windows Server 2003"
-sp2
Affected
Microsoft
Search vendor "Microsoft"
Windows Server 2008
Search vendor "Microsoft" for product "Windows Server 2008"
--
Affected
Microsoft
Search vendor "Microsoft"
Windows Server 2008
Search vendor "Microsoft" for product "Windows Server 2008"
-sp2
Affected
Microsoft
Search vendor "Microsoft"
Windows Server 2008
Search vendor "Microsoft" for product "Windows Server 2008"
r2
Search vendor "Microsoft" for product "Windows Server 2008" and version "r2"
itanium
Affected
Microsoft
Search vendor "Microsoft"
Windows Server 2008
Search vendor "Microsoft" for product "Windows Server 2008"
r2
Search vendor "Microsoft" for product "Windows Server 2008" and version "r2"
x64
Affected
Microsoft
Search vendor "Microsoft"
Windows Server 2008
Search vendor "Microsoft" for product "Windows Server 2008"
r2
Search vendor "Microsoft" for product "Windows Server 2008" and version "r2"
sp1, itanium
Affected
Microsoft
Search vendor "Microsoft"
Windows Server 2008
Search vendor "Microsoft" for product "Windows Server 2008"
r2
Search vendor "Microsoft" for product "Windows Server 2008" and version "r2"
sp1, x64
Affected
Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
-sp1
Affected
Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
-sp1, x64
Affected
Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
-sp2
Affected
Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
-sp2, x64
Affected
Microsoft
Search vendor "Microsoft"
Windows Xp
Search vendor "Microsoft" for product "Windows Xp"
-sp2, x64
Affected
Microsoft
Search vendor "Microsoft"
Windows Xp
Search vendor "Microsoft" for product "Windows Xp"
-sp3
Affected
Avaya
Search vendor "Avaya"
Agent Access
Search vendor "Avaya" for product "Agent Access"
*-
Affected
Avaya
Search vendor "Avaya"
Aura Conferencing Standard Edition
Search vendor "Avaya" for product "Aura Conferencing Standard Edition"
6.0.0
Search vendor "Avaya" for product "Aura Conferencing Standard Edition" and version "6.0.0"
-
Affected
Avaya
Search vendor "Avaya"
Basic Call Management System Reporting Desktop
Search vendor "Avaya" for product "Basic Call Management System Reporting Desktop"
*-
Affected
Avaya
Search vendor "Avaya"
Call Management Server Supervisor
Search vendor "Avaya" for product "Call Management Server Supervisor"
*-
Affected
Avaya
Search vendor "Avaya"
Callpilot
Search vendor "Avaya" for product "Callpilot"
>= 4.0.x <= 5.0.x
Search vendor "Avaya" for product "Callpilot" and version " >= 4.0.x <= 5.0.x"
-
Affected
Avaya
Search vendor "Avaya"
Callvisor Asai Lan
Search vendor "Avaya" for product "Callvisor Asai Lan"
*-
Affected
Avaya
Search vendor "Avaya"
Communication Server 1000 Telephony Manager
Search vendor "Avaya" for product "Communication Server 1000 Telephony Manager"
>= 3.0.0 <= 4.0.0
Search vendor "Avaya" for product "Communication Server 1000 Telephony Manager" and version " >= 3.0.0 <= 4.0.0"
-
Affected
Avaya
Search vendor "Avaya"
Computer Telephony
Search vendor "Avaya" for product "Computer Telephony"
*-
Affected
Avaya
Search vendor "Avaya"
Contact Center Express
Search vendor "Avaya" for product "Contact Center Express"
*-
Affected
Avaya
Search vendor "Avaya"
Customer Interaction Express
Search vendor "Avaya" for product "Customer Interaction Express"
*-
Affected
Avaya
Search vendor "Avaya"
Enterprise Manager
Search vendor "Avaya" for product "Enterprise Manager"
*-
Affected
Avaya
Search vendor "Avaya"
Integrated Management
Search vendor "Avaya" for product "Integrated Management"
*-
Affected
Avaya
Search vendor "Avaya"
Interaction Center
Search vendor "Avaya" for product "Interaction Center"
*-
Affected
Avaya
Search vendor "Avaya"
Ip Agent
Search vendor "Avaya" for product "Ip Agent"
*-
Affected
Avaya
Search vendor "Avaya"
Ip Softphone
Search vendor "Avaya" for product "Ip Softphone"
*-
Affected
Avaya
Search vendor "Avaya"
Meeting Exchange
Search vendor "Avaya" for product "Meeting Exchange"
>= 5.0.0 <= 5.2.0
Search vendor "Avaya" for product "Meeting Exchange" and version " >= 5.0.0 <= 5.2.0"
-
Affected
Avaya
Search vendor "Avaya"
Messaging Application Server
Search vendor "Avaya" for product "Messaging Application Server"
>= 4.0.x <= 5.2.x
Search vendor "Avaya" for product "Messaging Application Server" and version " >= 4.0.x <= 5.2.x"
-
Affected
Avaya
Search vendor "Avaya"
Network Reporting
Search vendor "Avaya" for product "Network Reporting"
*-
Affected
Avaya
Search vendor "Avaya"
Octelaccess Server
Search vendor "Avaya" for product "Octelaccess Server"
*-
Affected
Avaya
Search vendor "Avaya"
Octeldesigner
Search vendor "Avaya" for product "Octeldesigner"
*-
Affected
Avaya
Search vendor "Avaya"
Operational Analyst
Search vendor "Avaya" for product "Operational Analyst"
*-
Affected
Avaya
Search vendor "Avaya"
Outbound Contact Management
Search vendor "Avaya" for product "Outbound Contact Management"
*-
Affected
Avaya
Search vendor "Avaya"
Speech Access
Search vendor "Avaya" for product "Speech Access"
*-
Affected
Avaya
Search vendor "Avaya"
Unified Communication Center
Search vendor "Avaya" for product "Unified Communication Center"
*-
Affected
Avaya
Search vendor "Avaya"
Unified Messenger
Search vendor "Avaya" for product "Unified Messenger"
*-
Affected
Avaya
Search vendor "Avaya"
Visual Messenger
Search vendor "Avaya" for product "Visual Messenger"
*-
Affected
Avaya
Search vendor "Avaya"
Visual Vector Client
Search vendor "Avaya" for product "Visual Vector Client"
*-
Affected
Avaya
Search vendor "Avaya"
Vpnmanager Console
Search vendor "Avaya" for product "Vpnmanager Console"
*-
Affected
Avaya
Search vendor "Avaya"
Web Messenger
Search vendor "Avaya" for product "Web Messenger"
*-
Affected