Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1870

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2011-1870
Last Modified 04 Oct 2011 10:54:15
Published 13 Jul 2011 07:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-1870

Summary

Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvWriteConsoleOutputString Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 2003 Server

  • Microsoft Windows Server 2003

  • Microsoft Windows Xp

  • Microsoft Windows Xp -


References

CERT - TA11-193A

MS - MS11-056

BID - 48605

OSVDB - 73795


Last Updated: 27 May 2016 10:56:50