Microsoft Windows Client/Server Run-Time Subsystem numeric error
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 8.8 | $5k-$25k | 0.00 |
Summary
A vulnerability labeled as problematic has been found in Microsoft Windows. Affected is an unknown function of the component Client/Server Run-Time Subsystem. Such manipulation leads to numeric error. This vulnerability is traded as CVE-2011-1284. An attack has to be approached locally. There is no exploit available.
Details
A vulnerability was found in Microsoft Windows (Operating System) (the affected version unknown). It has been rated as critical. Affected by this issue is an unknown part of the component Client/Server Run-Time Subsystem. The manipulation with an unknown input leads to a numeric error vulnerability. Using CWE to declare the problem leads to CWE-189. Impacted is confidentiality, integrity, and availability. CVE summarizes:
Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvWriteConsoleOutput Vulnerability."
The weakness was shared 07/13/2011 by j00ru with Hispasec (Website). The advisory is available at us-cert.gov. This vulnerability is handled as CVE-2011-1284. The exploitation is known to be easy. Local access is required to approach this attack. A simple authentication is necessary for exploitation. The technical details are unknown and an exploit is not available. The structure of the vulnerability defines a possible price range of USD $5k-$25k at the moment (estimation calculated on 11/14/2021).
The vulnerability scanner Nessus provides a plugin with the ID 55572 (MS11-056: Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Windows : Microsoft Bulletins. The commercial vulnerability scanner Qualys is able to test this issue with plugin 90719 (Microsoft Windows Client/Server Runtime Subsystem Elevation of Privilege Vulnerability (MS11-056)).
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
The vulnerability is also documented in the databases at X-Force (67749), Tenable (55572), SecurityFocus (BID 48606†) and Vulnerability Center (SBV-32255†). The entries VDB-4382, VDB-54556, VDB-57929 and VDB-57928 are related to this item. If you want to get best quality of vulnerability data, you may have to visit VulDB.
Product
Type
Vendor
Name
License
Website
- Vendor: https://www.microsoft.com/
- Product: https://www.microsoft.com/en-us/windows
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 8.8VulDB Meta Temp Score: 8.8
VulDB Base Score: 8.8
VulDB Temp Score: 8.8
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Numeric errorCWE: CWE-189
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: No
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 55572
Nessus Name: MS11-056: Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
OpenVAS ID: 902609
OpenVAS Name: Microsoft Windows CSRSS Privilege Escalation Vulnerabilities (2507938)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: no mitigation knownStatus: 🔍
0-Day Time: 🔍
Timeline
03/04/2011 🔍07/12/2011 🔍
07/12/2011 🔍
07/13/2011 🔍
07/13/2011 🔍
07/13/2011 🔍
03/23/2015 🔍
11/14/2021 🔍
Sources
Vendor: microsoft.comProduct: microsoft.com
Advisory: us-cert.gov
Researcher: j00ru
Organization: Hispasec
Status: Not defined
CVE: CVE-2011-1284 (🔍)
GCVE (CVE): GCVE-0-2011-1284
GCVE (VulDB): GCVE-100-57914
OVAL: 🔍
X-Force: 67749
SecurityFocus: 48606 - Microsoft Windows CSRSS 'SrvWriteConsoleOutput()' Local Privilege Escalation Vulnerability
Vulnerability Center: 32255 - [MS11-056] Microsoft Windows Local Privilege Escalation Allows Code Execution (CVE-2011-1284), High
See also: 🔍
Entry
Created: 03/23/2015 16:50Updated: 11/14/2021 10:02
Changes: 03/23/2015 16:50 (60), 04/07/2017 16:04 (10), 11/14/2021 10:00 (2), 11/14/2021 10:02 (1)
Complete: 🔍
Cache ID: 216::103
If you want to get best quality of vulnerability data, you may have to visit VulDB.
No comments yet. Languages: en.
Please log in to comment.