CVE-2011-1229 - Vulnerability Details

Vendors	Products
Avaya	Agent Access Aura Conferencing Standard Edition Basic Call Management System Reporting Desktop Call Management Server Supervisor Callpilot Callvisor Asai Lan Communication Server 1000 Telephony Manager Computer Telephony Contact Center Express Customer Interaction Express Enterprise Manager Integrated Management Interaction Center Ip Agent Ip Softphone Meeting Exchange Messaging Application Server Network Reporting Octelaccess Server Octeldesigner Operational Analyst Outbound Contact Management Speech Access Unified Communication Center Unified Messenger Visual Messenger Visual Vector Client Vpnmanager Console Web Messenger
Microsoft	Windows 2003 Server Windows 7 Windows Server 2003 Windows Server 2008 Windows Vista Windows Xp

Link	Providers
http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx
http://osvdb.org/71735
http://secunia.com/advisories/44156
http://support.avaya.com/css/P8/documents/100133352
http://www.securityfocus.com/bid/47229
http://www.securitytracker.com/id?1025345
http://www.us-cert.gov/cas/techalerts/TA11-102A.html
http://www.vupen.com/english/advisories/2011/0952
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034
https://exchange.xforce.ibmcloud.com/vulnerabilities/66411
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-04-12T00:00:00", "descriptions": [{"lang": "en", "value": "win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other \"Vulnerability Type 2\" CVEs listed in MS11-034, aka \"Win32k Null Pointer De-reference Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "47229", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/47229"}, {"name": "TA11-102A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html"}, {"name": "mswin-win32k-var17-priv-escalation(66411)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66411"}, {"name": "MS11-034", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034"}, {"name": "ADV-2011-0952", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0952"}, {"name": "oval:org.mitre.oval:def:12503", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/css/P8/documents/100133352"}, {"name": "44156", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/44156"}, {"tags": ["x_refsource_MISC"], "url": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx"}, {"name": "1025345", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1025345"}, {"name": "71735", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/71735"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2011-1229", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other \"Vulnerability Type 2\" CVEs listed in MS11-034, aka \"Win32k Null Pointer De-reference Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "47229", "refsource": "BID", "url": "http://www.securityfocus.com/bid/47229"}, {"name": "TA11-102A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html"}, {"name": "mswin-win32k-var17-priv-escalation(66411)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66411"}, {"name": "MS11-034", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034"}, {"name": "ADV-2011-0952", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0952"}, {"name": "oval:org.mitre.oval:def:12503", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503"}, {"name": "http://support.avaya.com/css/P8/documents/100133352", "refsource": "CONFIRM", "url": "http://support.avaya.com/css/P8/documents/100133352"}, {"name": "44156", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/44156"}, {"name": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx", "refsource": "MISC", "url": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx"}, {"name": "1025345", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1025345"}, {"name": "71735", "refsource": "OSVDB", "url": "http://osvdb.org/71735"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:21:33.406Z"}, "title": "CVE Program Container", "references": [{"name": "47229", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/47229"}, {"name": "TA11-102A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html"}, {"name": "mswin-win32k-var17-priv-escalation(66411)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66411"}, {"name": "MS11-034", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034"}, {"name": "ADV-2011-0952", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0952"}, {"name": "oval:org.mitre.oval:def:12503", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/css/P8/documents/100133352"}, {"name": "44156", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/44156"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx"}, {"name": "1025345", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1025345"}, {"name": "71735", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/71735"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2011-1229", "datePublished": "2011-04-13T20:07:00", "dateReserved": "2011-03-04T00:00:00", "dateUpdated": "2024-08-06T22:21:33.406Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2011-04-12T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-10-12T19:57:01 (string)

orgId : f38d906d-7342-40ea-92c1-6c4a2c6478c8 (string)

shortName : microsoft (string)

}

references : [ »

0 : { »

name : 47229 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/47229 (string)

}

1 : { »

name : TA11-102A (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA11-102A.html (string)

}

2 : { »

name : mswin-win32k-var17-priv-escalation(66411) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/66411 (string)

}

3 : { »

name : MS11-034 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MS (string)

]

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034 (string)

}

4 : { »

name : ADV-2011-0952 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2011/0952 (string)

}

5 : { »

name : oval:org.mitre.oval:def:12503 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503 (string)

}

6 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://support.avaya.com/css/P8/documents/100133352 (string)

}

7 : { »

name : 44156 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/44156 (string)

}

8 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx (string)

}

9 : { »

name : 1025345 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id?1025345 (string)

}

10 : { »

name : 71735 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

]

url : http://osvdb.org/71735 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : secure@microsoft.com (string)

ID : CVE-2011-1229 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 47229 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/47229 (string)

}

1 : { »

name : TA11-102A (string)

refsource : CERT (string)

url : http://www.us-cert.gov/cas/techalerts/TA11-102A.html (string)

}

2 : { »

name : mswin-win32k-var17-priv-escalation(66411) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/66411 (string)

}

3 : { »

name : MS11-034 (string)

refsource : MS (string)

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034 (string)

}

4 : { »

name : ADV-2011-0952 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2011/0952 (string)

}

5 : { »

name : oval:org.mitre.oval:def:12503 (string)

refsource : OVAL (string)

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503 (string)

}

6 : { »

name : http://support.avaya.com/css/P8/documents/100133352 (string)

refsource : CONFIRM (string)

url : http://support.avaya.com/css/P8/documents/100133352 (string)

}

7 : { »

name : 44156 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/44156 (string)

}

8 : { »

name : http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx (string)

refsource : MISC (string)

url : http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx (string)

}

9 : { »

name : 1025345 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id?1025345 (string)

}

10 : { »

name : 71735 (string)

refsource : OSVDB (string)

url : http://osvdb.org/71735 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T22:21:33.406Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 47229 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/47229 (string)

}

1 : { »

name : TA11-102A (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT (string)

2 : x_transferred (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA11-102A.html (string)

}

2 : { »

name : mswin-win32k-var17-priv-escalation(66411) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/66411 (string)

}

3 : { »

name : MS11-034 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MS (string)

2 : x_transferred (string)

]

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034 (string)

}

4 : { »

name : ADV-2011-0952 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2011/0952 (string)

}

5 : { »

name : oval:org.mitre.oval:def:12503 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

3 : x_transferred (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503 (string)

}

6 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://support.avaya.com/css/P8/documents/100133352 (string)

}

7 : { »

name : 44156 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/44156 (string)

}

8 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx (string)

}

9 : { »

name : 1025345 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id?1025345 (string)

}

10 : { »

name : 71735 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

2 : x_transferred (string)

]

url : http://osvdb.org/71735 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : f38d906d-7342-40ea-92c1-6c4a2c6478c8 (string)

assignerShortName : microsoft (string)

cveId : CVE-2011-1229 (string)

datePublished : 2011-04-13T20:07:00 (string)

dateReserved : 2011-03-04T00:00:00 (string)

dateUpdated : 2024-08-06T22:21:33.406Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "3C0C7D2B-0AA5-4E82-B58B-2668A0EAC2E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*", "matchCriteriaId": "B20DD263-5A62-4CB1-BD47-D1F9A6C67E08", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*", "matchCriteriaId": "B7674920-AE12-4A25-BE57-34AEDDA74D76", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "matchCriteriaId": "B320A104-9037-487E-BC9A-62B4A6B49FD0", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:x64:*", "matchCriteriaId": "7211B5C5-6B6E-4A33-88BC-1D64CD684204", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:x64:*", "matchCriteriaId": "6FF85ADB-8F36-424D-9F4A-BD357304CE66", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:x64:*", "matchCriteriaId": "BADB0479-3E0E-4326-B568-9DBDCACF0B5E", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avaya:agent_access:*:*:*:*:*:*:*:*", "matchCriteriaId": "41A2A343-6084-4123-80AB-99508101821B", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_conferencing_standard_edition:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "34F74A4C-8A30-4CE7-81CB-85248313E78F", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:basic_call_management_system_reporting_desktop:*:*:*:*:*:*:*:*", "matchCriteriaId": "E47123FC-A4C4-4806-A708-6F31455FA030", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:call_management_server_supervisor:*:*:*:*:*:*:*:*", "matchCriteriaId": "C0697163-0E8F-40DF-BA37-5506EFF383F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:callpilot:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB19CA9F-6272-4E9C-A986-6ED5B199894A", "versionEndIncluding": "5.0.x", "versionStartIncluding": "4.0.x", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:callvisor_asai_lan:*:*:*:*:*:*:*:*", "matchCriteriaId": "B145E412-2D7B-4961-94CA-1BEE72D93067", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:communication_server_1000_telephony_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB0E8DB4-973E-4A92-AFC0-809EF9612020", "versionEndIncluding": "4.0.0", "versionStartIncluding": "3.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:computer_telephony:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C7CB383-65EB-4B90-A987-1BEBA6F0804A", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:contact_center_express:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A5BAB1E-B4CA-465B-9305-EB9A4B60A18D", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:customer_interaction_express:*:*:*:*:*:*:*:*", "matchCriteriaId": "456FCAC1-3789-4C51-98EB-31C3502A2CBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:enterprise_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D010DC3-3263-4D74-80AB-29AF09159346", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:integrated_management:*:*:*:*:*:*:*:*", "matchCriteriaId": "D12D6986-429E-4152-A6E5-4CC1FB9556D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:interaction_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A9CC958-7300-4CEF-95BE-4DE004DCFE45", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_agent:*:*:*:*:*:*:*:*", "matchCriteriaId": "F01ED7E7-0B36-407E-B0A5-3878A269BCB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_softphone:*:*:*:*:*:*:*:*", "matchCriteriaId": "B63252E0-FB28-4854-81D5-DF654F1758F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:meeting_exchange:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBE28C39-5C7A-46A8-9718-33C0EB579C66", "versionEndIncluding": "5.2.0", "versionStartIncluding": "5.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:messaging_application_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FC25636-CED5-4D7C-866E-0E98E0838EDE", "versionEndIncluding": "5.2.x", "versionStartIncluding": "4.0.x", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:network_reporting:*:*:*:*:*:*:*:*", "matchCriteriaId": "84EB1E01-DB96-402F-AFD5-C7471898798A", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:octelaccess_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E53EA20-1C16-4990-B6AB-5DB152BBB663", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:octeldesigner:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A2DED01-5279-45E6-B2F9-043AE42C2014", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:operational_analyst:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F048BA5-841B-4F42-A46F-269D503B4261", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:outbound_contact_management:*:*:*:*:*:*:*:*", "matchCriteriaId": "809622B0-E540-4D53-881C-CC7452742065", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:speech_access:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3587A97-16EA-4E58-BC01-CE37BA2FEE0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:unified_communication_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "963D3743-3FBA-4AA4-8FA0-0D567E5DED71", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:unified_messenger:*:*:*:*:*:*:*:*", "matchCriteriaId": "2635C6CE-082B-4CE1-87B5-38C11D33A9A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:visual_messenger:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA613FC6-09A1-4873-9481-E00571A64FA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:visual_vector_client:*:*:*:*:*:*:*:*", "matchCriteriaId": "3045D507-ECEE-49F4-8080-B440A1B97240", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:vpnmanager_console:*:*:*:*:*:*:*:*", "matchCriteriaId": "DEB7AC00-A06F-4A4D-A173-704F1D4A6709", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:web_messenger:*:*:*:*:*:*:*:*", "matchCriteriaId": "D520A8CD-CA81-4CA4-85FE-C83E5DE541F5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other \"Vulnerability Type 2\" CVEs listed in MS11-034, aka \"Win32k Null Pointer De-reference Vulnerability.\""}, {"lang": "es", "value": "Vulneravilidad de desreferencia a puntero nulo en win32k.sys en el controlador  kernel-modeen en Microsoft Windows XP SP2 ySP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, SP2, R2, y R2 SP1, y Windows 7 Gold y SP1, permite a usuarios locales obtener privilegios a trav\u00e9s de aplicaciones manipuladas  lanzan un desreferencia a puntero nulo. Vulnerabilidad distinta de \"Vulnerabilidad tipo 2\" listada en los CVEs en MS11-034, tambi\u00e9n conocida como \"Win32k Null Pointer De-reference Vulnerability.\""}], "id": "CVE-2011-1229", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-04-13T20:26:25.250", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx"}, {"source": "secure@microsoft.com", "tags": ["Broken Link"], "url": "http://osvdb.org/71735"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/44156"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://support.avaya.com/css/P8/documents/100133352"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/47229"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1025345"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html"}, {"source": "secure@microsoft.com", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2011/0952"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034"}, {"source": "secure@microsoft.com", "tags": ["VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66411"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://osvdb.org/71735"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/44156"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://support.avaya.com/css/P8/documents/100133352"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/47229"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1025345"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2011/0952"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66411"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:microsoft:windows_2003_server:-:sp2:*:*:*:*:*:* (string)

matchCriteriaId : 3C0C7D2B-0AA5-4E82-B58B-2668A0EAC2E9 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E33796DB-4523-4F04-B564-ADF030553D51 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* (string)

matchCriteriaId : C2B1C231-DE19-4B8F-A4AA-5B3A65276E46 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:* (string)

matchCriteriaId : 1D929AA2-EE0B-4AA1-805D-69BCCA11B77F (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 32623D48-7000-4C7D-823F-7D2A9841D88C (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* (string)

matchCriteriaId : 5F422A8C-2C4E-42C8-B420-E0728037E15C (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:* (string)

matchCriteriaId : B20DD263-5A62-4CB1-BD47-D1F9A6C67E08 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:* (string)

matchCriteriaId : B7674920-AE12-4A25-BE57-34AEDDA74D76 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:* (string)

matchCriteriaId : B320A104-9037-487E-BC9A-62B4A6B49FD0 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* (string)

matchCriteriaId : AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:* (string)

matchCriteriaId : 3A04E39A-623E-45CA-A5FC-25DAA0F275A3 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:x64:* (string)

matchCriteriaId : 7211B5C5-6B6E-4A33-88BC-1D64CD684204 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* (string)

matchCriteriaId : BF1AD1A1-EE20-4BCE-9EE6-84B27139811C (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:x64:* (string)

matchCriteriaId : 6FF85ADB-8F36-424D-9F4A-BD357304CE66 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:x64:* (string)

matchCriteriaId : BADB0479-3E0E-4326-B568-9DBDCACF0B5E (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:* (string)

matchCriteriaId : C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:avaya:agent_access:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 41A2A343-6084-4123-80AB-99508101821B (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:avaya:aura_conferencing_standard_edition:6.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 34F74A4C-8A30-4CE7-81CB-85248313E78F (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:avaya:basic_call_management_system_reporting_desktop:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E47123FC-A4C4-4806-A708-6F31455FA030 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:avaya:call_management_server_supervisor:*:*:*:*:*:*:*:* (string)

matchCriteriaId : C0697163-0E8F-40DF-BA37-5506EFF383F9 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:avaya:callpilot:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BB19CA9F-6272-4E9C-A986-6ED5B199894A (string)

versionEndIncluding : 5.0.x (string)

versionStartIncluding : 4.0.x (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:avaya:callvisor_asai_lan:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B145E412-2D7B-4961-94CA-1BEE72D93067 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:avaya:communication_server_1000_telephony_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AB0E8DB4-973E-4A92-AFC0-809EF9612020 (string)

versionEndIncluding : 4.0.0 (string)

versionStartIncluding : 3.0.0 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:avaya:computer_telephony:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2C7CB383-65EB-4B90-A987-1BEBA6F0804A (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:avaya:contact_center_express:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0A5BAB1E-B4CA-465B-9305-EB9A4B60A18D (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:avaya:customer_interaction_express:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 456FCAC1-3789-4C51-98EB-31C3502A2CBD (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:avaya:enterprise_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6D010DC3-3263-4D74-80AB-29AF09159346 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:avaya:integrated_management:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D12D6986-429E-4152-A6E5-4CC1FB9556D3 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:avaya:interaction_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 4A9CC958-7300-4CEF-95BE-4DE004DCFE45 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:avaya:ip_agent:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F01ED7E7-0B36-407E-B0A5-3878A269BCB4 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:avaya:ip_softphone:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B63252E0-FB28-4854-81D5-DF654F1758F7 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:avaya:meeting_exchange:*:*:*:*:*:*:*:* (string)

matchCriteriaId : DBE28C39-5C7A-46A8-9718-33C0EB579C66 (string)

versionEndIncluding : 5.2.0 (string)

versionStartIncluding : 5.0.0 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:avaya:messaging_application_server:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1FC25636-CED5-4D7C-866E-0E98E0838EDE (string)

versionEndIncluding : 5.2.x (string)

versionStartIncluding : 4.0.x (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:avaya:network_reporting:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 84EB1E01-DB96-402F-AFD5-C7471898798A (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:avaya:octelaccess_server:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6E53EA20-1C16-4990-B6AB-5DB152BBB663 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:avaya:octeldesigner:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6A2DED01-5279-45E6-B2F9-043AE42C2014 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:avaya:operational_analyst:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3F048BA5-841B-4F42-A46F-269D503B4261 (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:avaya:outbound_contact_management:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 809622B0-E540-4D53-881C-CC7452742065 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:avaya:speech_access:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F3587A97-16EA-4E58-BC01-CE37BA2FEE0E (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:avaya:unified_communication_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 963D3743-3FBA-4AA4-8FA0-0D567E5DED71 (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:avaya:unified_messenger:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2635C6CE-082B-4CE1-87B5-38C11D33A9A9 (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:a:avaya:visual_messenger:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FA613FC6-09A1-4873-9481-E00571A64FA3 (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:a:avaya:visual_vector_client:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3045D507-ECEE-49F4-8080-B440A1B97240 (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:a:avaya:vpnmanager_console:*:*:*:*:*:*:*:* (string)

matchCriteriaId : DEB7AC00-A06F-4A4D-A173-704F1D4A6709 (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:a:avaya:web_messenger:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D520A8CD-CA81-4CA4-85FE-C83E5DE541F5 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." (string)

}

1 : { »

lang : es (string)

value : Vulneravilidad de desreferencia a puntero nulo en win32k.sys en el controlador kernel-modeen en Microsoft Windows XP SP2 ySP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, SP2, R2, y R2 SP1, y Windows 7 Gold y SP1, permite a usuarios locales obtener privilegios a través de aplicaciones manipuladas lanzan un desreferencia a puntero nulo. Vulnerabilidad distinta de "Vulnerabilidad tipo 2" listada en los CVEs en MS11-034, también conocida como "Win32k Null Pointer De-reference Vulnerability." (string)

}

]

id : CVE-2011-1229 (string)

lastModified : 2025-04-11T00:51:21.963 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 7.2 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:L/AC:L/Au:N/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 10 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2011-04-13T20:26:25.250 (string)

references : [ »

0 : { »

source : secure@microsoft.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx (string)

}

1 : { »

source : secure@microsoft.com (string)

tags : [ »

0 : Broken Link (string)

]

url : http://osvdb.org/71735 (string)

}

2 : { »

source : secure@microsoft.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/44156 (string)

}

3 : { »

source : secure@microsoft.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://support.avaya.com/css/P8/documents/100133352 (string)

}

4 : { »

source : secure@microsoft.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/47229 (string)

}

5 : { »

source : secure@microsoft.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securitytracker.com/id?1025345 (string)

}

6 : { »

source : secure@microsoft.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA11-102A.html (string)

}

7 : { »

source : secure@microsoft.com (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.vupen.com/english/advisories/2011/0952 (string)

}

8 : { »

source : secure@microsoft.com (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034 (string)

}

9 : { »

source : secure@microsoft.com (string)

tags : [ »

0 : VDB Entry (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/66411 (string)

}

10 : { »

source : secure@microsoft.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://osvdb.org/71735 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/44156 (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://support.avaya.com/css/P8/documents/100133352 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/47229 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securitytracker.com/id?1025345 (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA11-102A.html (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.vupen.com/english/advisories/2011/0952 (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034 (string)

}

20 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : VDB Entry (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/66411 (string)

}

21 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503 (string)

}

]

sourceIdentifier : secure@microsoft.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-476 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object