CVE-2011-0037

Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.microsoft.com/technet/security/advisory/2491888.mspx	Vendor Advisory
http://www.securityfocus.com/bid/46540
http://secunia.com/advisories/43468	Vendor Advisory
http://www.vupen.com/english/advisories/2011/0486	Vendor Advisory
http://securitytracker.com/id?1025117
https://exchange.xforce.ibmcloud.com/vulnerabilities/65626

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:windows_defender::::::::
	cpe:2.3:a:microsoft:forefront_client_security::::::::
	cpe:2.3:a:microsoft:malware_protection_engine:1.1.3520.0:::::::*
	cpe:2.3:a:microsoft:malware_protection_engine::::::::
	cpe:2.3:a:microsoft:windows_live_onecare::::::::
	cpe:2.3:a:microsoft:security_essentials::::::::
	cpe:2.3:a:microsoft:forefront_endpoint_protection_2010:-:::::::*
	cpe:2.3:a:microsoft:malware_protection_engine:0.1.13.192:::::::*
	cpe:2.3:a:microsoft:malicious_software_removal_tool::::::::

Information

Published : 2011-02-25 10:00

Updated : 2017-08-16 18:33

NVD link : CVE-2011-0037

Mitre link : CVE-2011-0037

JSON object : View

CWE

CWE-20

Improper Input Validation

Advertisement

Products Affected

microsoft

malicious_software_removal_tool
windows_live_onecare
forefront_client_security
security_essentials
malware_protection_engine
forefront_endpoint_protection_2010
windows_defender

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.microsoft.com/technet/security/advisory/2491888.mspx", "name": "http://www.microsoft.com/technet/security/advisory/2491888.mspx", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/46540", "name": "46540", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/43468", "name": "43468", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2011/0486", "name": "ADV-2011-0486", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://securitytracker.com/id?1025117", "name": "1025117", "tags": [], "refsource": "SECTRACK"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65626", "name": "ms-malware-engine-priv-esc(65626)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2011-0037", "ASSIGNER": "secure@microsoft.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2011-02-25T18:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:windows_defender:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:forefront_client_security:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:malware_protection_engine:1.1.3520.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.1.6502.0"}, {"cpe23Uri": "cpe:2.3:a:microsoft:windows_live_onecare:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:security_essentials:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:forefront_endpoint_protection_2010:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:malware_protection_engine:0.1.13.192:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:malicious_software_removal_tool:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-17T01:33Z"}