<< Back
CVE Number Vulnerability Product Severity Date
MS11-062 Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege (2566454) Windows XP Critical 10-08-2011

Technical Information

Brief overview of the risk:
An elevation of privilege vulnerability exists in the Remote Access Service NDISTAPI driver.
Detailed Information on the risk:
The vulnerability is caused when the NDISTAPI driver improperly validates user-supplied input when passing data from user mode to the Windows kernel. A local attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.Further information on this exploit is available at : MS11-062

Affected Software

Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems