CVE-2011-0045
CVE-2011-0045
The Trace Events functionality in the kernel in Microsoft Windows XP SP3 does not properly perform type conversion, which causes integer truncation and insufficient memory allocation and triggers a buffer overflow, which allows local users to gain privileges via a crafted application, related to WmiTraceMessageVa, aka "Windows Kernel Integer Truncation Vulnerability."
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/16262unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://osvdb.org/70823https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-011http://securityreason.com/securityalert/8110https://exchange.xforce.ibmcloud.com/vulnerabilities/64926https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11996http://support.avaya.com/css/P8/documents/100127248http://www.securityfocus.com/archive/1/516276/100/0/threadedhttp://www.securityfocus.com/bid/46136http://www.securitytracker.com/id?1025046http://www.vupen.com/english/advisories/2011/0324http://www.zerodayinitiative.com/advisories/ZDI-11-064