| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 8.8 | $0-$5k | 0.00 |
Summary
A vulnerability labeled as critical has been found in Microsoft Windows NT. This vulnerability affects unknown code in the library Ntdll.dll. Executing a manipulation can lead to Remote Code Execution. This vulnerability is handled as CVE-2012-0001. Additionally, an exploit exists. A patch should be applied to remediate this issue.
Details
A vulnerability classified as critical was found in Microsoft Windows NT (Operating System). This vulnerability affects an unknown part in the library Ntdll.dll. The manipulation with an unknown input leads to a remote code execution vulnerability. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:
The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly load structured exception handling tables, which allows context-dependent attackers to bypass the SafeSEH security feature by leveraging a Visual C++ .NET 2003 application, aka "Windows Kernel SafeSEH Bypass Vulnerability."
The weakness was released 01/10/2012 by Joshua J. Drake (iDefense) with VeriSign iDefense Labs as MS12-001 as confirmed posting (Microsoft Technet). The advisory is available at technet.microsoft.com. This vulnerability was named CVE-2012-0001 since 11/09/2011. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. Technical details and also a private exploit are known.
It is declared as proof-of-concept. The vulnerability scanner Nessus provides a plugin with the ID 57469 (MS12-001: Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Windows : Microsoft Bulletins and running in the context l. The commercial vulnerability scanner Qualys is able to test this issue with plugin 90766 (Microsoft Windows Kernel Security Feature Bypass Vulnerability (MS12-001)).
Applying the patch MS12-001 is able to eliminate this problem. The bugfix is ready for download at technet.microsoft.com. A possible mitigation has been published before and not just after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (71998), Tenable (57469), SecurityFocus (BID 51296†), OSVDB (78209†) and Secunia (SA47356†). If you want to get best quality of vulnerability data, you may have to visit VulDB.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.microsoft.com/
- Product: https://www.microsoft.com/en-us/windows
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 9.8VulDB Meta Temp Score: 8.8
VulDB Base Score: 9.8
VulDB Temp Score: 8.8
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Remote Code ExecutionCWE: Unknown
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Private
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 57469
Nessus Name: MS12-001: Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 902783
OpenVAS Name: Microsoft Windows Kernel Security Feature Bypass Vulnerability (2644615)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
0-Day Time: 🔍
Patch: MS12-001
Timeline
11/09/2011 🔍01/10/2012 🔍
01/10/2012 🔍
01/10/2012 🔍
01/10/2012 🔍
01/10/2012 🔍
01/10/2012 🔍
01/10/2012 🔍
01/10/2012 🔍
01/11/2012 🔍
01/21/2012 🔍
03/20/2021 🔍
Sources
Vendor: microsoft.comProduct: microsoft.com
Advisory: MS12-001
Researcher: Joshua J. Drake (iDefense)
Organization: VeriSign iDefense Labs
Status: Confirmed
CVE: CVE-2012-0001 (🔍)
GCVE (CVE): GCVE-0-2012-0001
GCVE (VulDB): GCVE-100-4546
OVAL: 🔍
IAVM: 🔍
X-Force: 71998
SecurityFocus: 51296 - Microsoft Windows Kernel CVE-2012-0001 SafeSEH Security Bypass Vulnerability
Secunia: 47356 - Microsoft Windows SafeSEH Bypass Weakness, Not Critical
OSVDB: 78209
SecurityTracker: 1026493 - Windows Kernel Lets Local Users Bypass the SafeSEH Security Feature
Vulnerability Center: 34194 - [MS12-001] Microsoft Windows Kernel SafeSEH Bypass Vulnerability, Critical
scip Labs: https://www.scip.ch/en/?labs.20161013
Entry
Created: 01/21/2012 01:00Updated: 03/20/2021 14:12
Changes: 01/21/2012 01:00 (78), 04/09/2017 13:18 (16), 03/20/2021 14:12 (3)
Complete: 🔍
Cache ID: 216::103
If you want to get best quality of vulnerability data, you may have to visit VulDB.
No comments yet. Languages: en.
Please log in to comment.