VulDB: Microsoft Windows XP/Vista/7/Server 2003/2008 win32k.sys buffer overflow
General
scipID: 5653
Affected: Microsoft Windows XP/Vista/7/Server 2003/2008
Published: 07/10/2012 (Nicolas Economou)
Risk: 
critical
Entry: 91.2% complete
Created: 07/12/2012
Updated: 09/03/2012
Summary
A vulnerability classified as critical was found in Microsoft Windows XP/Vista/7/Server 2003/2008. Affected by this vulnerability is an unknown function of the file win32k.sys. The manipulation with an unknown input leads to a buffer overflow vulnerability. As an impact it is known to affect confidentiality, integrity, and availability.
The weakness was presented 07/10/2012 by Nicolas Economou with Core Security Technologies as MS12-047 as bulletin (Microsoft Technet). The advisory is shared for download at technet.microsoft.com. The public release was coordinated in cooperation with Microsoft. This vulnerability is known as CVE-2012-1890 since 03/22/2012. The exploitability is known to be difficult. The attack can be launched remotely. The exploitation doesn’t need any form of authentication. Technical details and also a private exploit are known.
Applying the patch MS12-047 is able to eliminate this problem. The bugfix is ready for download at technet.microsoft.com. A possible mitigation has been published immediately after the disclosure of the vulnerability. The vulnerability is also documented in the vulnerability database at OSVDB (83659).CVSS
Base Score: 7.6 (CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C) [?]
| Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Local | High | Multiple | None | None | None |
| Adjacent | Medium | Single | Partial | Partial | Partial |
| Network | Low | None | Complete | Complete | Complete |
Exploiting
Class: Buffer overflow
Local: No
Remote: Yes
Availability: Yes
Access: Private
Countermeasures
Recommended: Patch
Reaction Time: 0 days since reported
0-Day Time: 0 days since found
Exposure Time: 0 days since known
Patch: MS12-047
Timeline
03/22/2012 | CVE assigned
07/10/2012 | Advisory disclosed
07/10/2012 | Countermeasure disclosed
07/10/2012 | OSVDB entry created
07/12/2012 | VulDB entry created
09/03/2012 | VulDB entry updated
Sources
Advisory: MS12-047
Researcher: Nicolas Economou
Company: Core Security Technologies
Coordinated: Yes
OSVDB: 83659
CVE: CVE-2012-1890 (mitre.org) (nist.org) (cvedetails.com)
- Latest Entries
- EMC RSA Authentication API Encryption Key information disclosure
- Cisco Secure Access Control System Web Interface weak authentication
- Python ssl.match_hostname() denial of service
- Mozilla Firefox/Thunderbird nsContentUtils::RemoveScriptBlocker buffer overflow
- Mozilla Firefox/Thunderbird nsFrameList::FirstChild buffer overflow
- Statistics
- Archive
