CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
MS11-062 | Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege (2566454) | Windows XP | Critical | 10-08-2011 |
Technical Information
Brief overview of the risk:
An elevation of privilege vulnerability exists in the Remote Access Service NDISTAPI driver.
Detailed Information on the risk:
The vulnerability is caused when the NDISTAPI driver improperly validates user-supplied input when passing data from user mode to the Windows kernel. A local attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.Further information on this exploit is available at : MS11-062
Affected Software
Windows XP Service Pack 3Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems