Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0001

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-0001
Last Modified 06 Mar 2013 11:50:19
Published 10 Jan 2012 04:55:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0001

Summary

The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly load structured exception handling tables, which allows context-dependent attackers to bypass the SafeSEH security feature by leveraging a Visual C++ .NET 2003 application, aka "Windows Kernel SafeSEH Bypass Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 7 -

  • Microsoft Windows Server 2003

  • Microsoft Windows Server 2008

  • Microsoft Windows Server 2008 -

  • Microsoft Windows Server 2008 R2

  • Microsoft Windows Vista

  • Microsoft Windows Xp


References

MS - MS12-001

SECTRACK - 1026493

BID - 51296

SECUNIA - 47356

SUSE - openSUSE-SU-2012:0917

CERT - TA12-010A

Related Patches

MS12-001 Security Update for Windows 7 (KB2644615)

MS12-001 Security Update for Windows Server 2008 (KB2644615)

MS12-001 Security Update for Windows Server 2003 (KB2644615)

MS12-001 Security Update for Windows Vista (KB2644615)

MS12-001 Security Update for Windows Server 2008 x64 (KB2644615)

MS12-001 Security Update for Windows Server 2008 R2 x64 (KB2644615)

MS12-001 Security Update for Windows Server 2003 x64 (KB2644615)

MS12-001 Security Update for Windows Vista for x64 (KB2644615)

MS12-001 Security Update for Windows 7 x64 (KB2644615)


Last Updated: 27 May 2016 10:57:18