Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0087)本地特权提升漏洞
CVE编号
CVE-2011-0087利用情况
暂无补丁情况
N/A披露时间
2011-02-09漏洞描述
Microsoft Windows是一款微软发行的操作系统。Windows内核模式驱动在校验由用户空间到内核空间的数据时存在错误,本地攻击者可以利用漏洞以内核上下文执行任意代码。解决建议
用户可参考如下供应商提供的安全补丁修复此漏洞:Microsoft Windows Vista SP1Microsoft Windows6.0-KB2479628-x86.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=6FB7EBCC-2052 -457B-B5BC-1BBCB17696B9Microsoft Windows Server 2008 for Itanium-based Systems SP2Microsoft Windows6.0-KB2479628-ia64.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=D10EDA21-B3C3 -4D8E-8596-BC45E4165F933DM Software Disk Management Software SP2Microsoft WindowsServer2003-KB2479628-x86-ENU.exehttp://www.microsoft.com/downloads/details.aspx?familyid=54FE2669-8A63 -4D96-8B82-5B10F45B293EMicrosoft Windows 7 for x64-based Systems 0Microsoft Windows6.1-KB2479628-x64.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=B42642B3-FB78 -4700-BFE8-BFA997B90C16Microsoft Windows XP Media Center Edition SP3Microsoft WindowsXP-KB2479628-x86-ENU.exehttp://www.microsoft.com/downloads/details.aspx?familyid=56F4F43E-C313 -49DC-A278-E3E8A83A907EMicrosoft Windows Server 2003 Itanium SP2Microsoft WindowsServer2003-KB2479628-ia64-ENU.exehttp://www.microsoft.com/downloads/details.aspx?familyid=A09C3E6E-C55C -492A-B7AD-3E3D35711643Microsoft Windows Vista SP2Microsoft Windows6.0-KB2479628-x86.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=6FB7EBCC-2052 -457B-B5BC-1BBCB17696B9Microsoft Windows 7 for 32-bit Systems 0Microsoft Windows6.1-KB2479628-x86.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=078FE6C0-1B2C -4896-A345-25CC1B1105E2Microsoft Windows XP Home SP3Microsoft WindowsXP-KB2479628-x86-ENU.exehttp://www.microsoft.com/downloads/details.aspx?familyid=56F4F43E-C313 -49DC-A278-E3E8A83A907EMicrosoft Windows XP Professional x64 Edition SP2Microsoft WindowsServer2003.WindowsXP-KB2479628-x64-ENU.exehttp://www.microsoft.com/downloads/details.aspx?familyid=E80DB313-B470 -4D71-BC34-70BFBFB6579FMicrosoft Windows Server 2008 for Itanium-based Systems R2Microsoft Windows6.1-KB2479628-ia64.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=8C6BF720-F544 -4F58-9B1C-2399957EC43DMicrosoft Windows Vista x64 Edition SP2Microsoft Windows6.0-KB2479628-x64.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=88D68757-1AB0 -4585-9578-52A474B10882Microsoft Windows Server 2008 for Itanium-based Systems 0Microsoft Windows6.0-KB2479628-ia64.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=D10EDA21-B3C3 -4D8E-8596-BC45E4165F93Microsoft Windows Vista x64 Edition SP1Microsoft Windows6.0-KB2479628-x64.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=88D68757-1AB0 -4585-9578-52A474B10882受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | microsoft | windows_2003_server | * | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | microsoft | windows_server_2003 | * | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | microsoft | windows_server_2008 | * | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | microsoft | windows_server_2008 | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | microsoft | windows_vista | * | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | microsoft | windows_vista | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | microsoft | windows_xp | * | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | microsoft | windows_xp | - | - | |||||
- 攻击路径 本地
- 攻击复杂度 低
- 权限要求 无
- 影响范围 N/A
- 用户交互 无
- 可用性 完全地
- 保密性 完全地
- 完整性 完全地
| CWE-ID | 漏洞类型 |
| CWE-20 | 输入验证不恰当 |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论