| Vulnerability Name: | CVE-2011-1984 (CCN-69491) | ||||||||
| Assigned: | 2011-09-13 | ||||||||
| Published: | 2011-09-13 | ||||||||
| Updated: | 2020-09-28 | ||||||||
| Summary: | WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 allows local users to gain privileges by sending crafted packets over the loopback interface, aka "WINS Local Elevation of Privilege Vulnerability." | ||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C) 5.6 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
5.6 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-264 | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: MITRE Type: CNA CVE-2011-1984 Source: CCN Type: SA45891 Microsoft Windows WINS Privilege Escalation Vulnerability Source: SREASON Type: UNKNOWN 8378 Source: CCN Type: Microsoft Security Bulletin MS11-070 Vulnerability in WINS Could Allow Elevation of Privilege (2571621) Source: CCN Type: BID-49523 Microsoft Windows WINS Server 'ECommEndDlg()' Local Privilege Escalation Vulnerability Source: CERT Type: US Government Resource TA11-256A Source: MS Type: UNKNOWN MS11-070 Source: XF Type: UNKNOWN ms-wins-privilege-escalation(69491) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:12634 Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [09-13-2011] | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||