CERTA-2011-AVI-390
Vulnerability from certfr_avis

Des vulnérabilités permettant une élévation de privilèges ont été découvertes dans Microsoft Windows.

Description

Des vulnérabilités existent dans le processus CSRSS en raison de défauts d'allocation mémoire permettant l'exécution de code arbitraire avec le compte LocalSystem.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None
Impacted products
Vendor Product Description
Microsoft Windows Windows Server 2008 R2 32 bits et Windows Server 2008 R2 32 bits Service Pack 2 ;
Microsoft Windows Windows Vista Service Pack 1 et Windows Vista Service Pack 2 ;
Microsoft Windows Windows Server 2008 64 bits et Windows Server 2008 64 bits Service Pack 2 ;
Microsoft Windows Windows XP Professional x64 Edition Service Pack 2 ;
Microsoft Windows Windows Server 2003 Service Pack 3 ;
Microsoft Windows Windows Server 2008 pour Itanium et Windows Server 2008 pour Itanium Service Pack 2 ;
Microsoft Windows Windows Server 2008 32 bits et Windows Server 2008 32 bits Service Pack 2 ;
Microsoft Windows Windows XP Service Pack 3 ;
Microsoft Windows Windows 7 64 bits et Windows 7 64 bits Service Pack 1 ;
Microsoft Windows Windows Server 2003 x64 Edition Service Pack 2 ;
Microsoft Windows Windows Server 2008 R2 64 bits et Windows Server 2008 R2 64 bits Service Pack 2 ;
Microsoft Windows Windows Vista x64 Edition Service Pack 1 et Service Pack 2 ;
Microsoft Windows Windows 7 32 bits et Windows 7 32 bits Service Pack 1 ;
Microsoft Windows Windows Server 2003 avec Service Pack 2 pour Itanium ;
Microsoft Windows Windows Server 2008 R2 pour Itanium et Windows Server 2008 R2 pour Itanium Service Pack 2.
References

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2008 R2 32 bits et Windows Server 2008 R2 32 bits Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista Service Pack 1 et Windows Vista Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 64 bits et Windows Server 2008 64 bits Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP Professional x64 Edition Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2003 Service Pack 3 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour Itanium et Windows Server 2008 pour Itanium Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 32 bits et Windows Server 2008 32 bits Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP Service Pack 3 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 64 bits et Windows 7 64 bits Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2003 x64 Edition Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 64 bits et Windows Server 2008 R2 64 bits Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista x64 Edition Service Pack 1 et Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 32 bits et Windows 7 32 bits Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2003 avec Service Pack 2 pour Itanium ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour Itanium et Windows Server 2008 R2 pour Itanium Service Pack 2.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDes vuln\u00e9rabilit\u00e9s existent dans le processus CSRSS en raison de d\u00e9fauts\nd\u0027allocation m\u00e9moire permettant l\u0027ex\u00e9cution de code arbitraire avec le\ncompte LocalSystem.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1870"
    },
    {
      "name": "CVE-2011-1281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1281"
    },
    {
      "name": "CVE-2011-1284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1284"
    },
    {
      "name": "CVE-2011-1283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1283"
    },
    {
      "name": "CVE-2011-1282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1282"
    }
  ],
  "initial_release_date": "2011-07-13T00:00:00",
  "last_revision_date": "2011-07-13T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS11-056 du 12 juillet 2011    :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS11-056.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS11-056 du 12 juillet 2011    :",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS11-056.mspx"
    }
  ],
  "reference": "CERTA-2011-AVI-390",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-07-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Des vuln\u00e9rabilit\u00e9s permettant une \u00e9l\u00e9vation de privil\u00e8ges ont \u00e9t\u00e9\nd\u00e9couvertes dans \u003cspan class=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans CSRSS de Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 12 juillet 2011",
      "url": null
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.