Microsoft Windows 'Win32k.sys' CVE-2013-1248 Local Privilege Escalation Vulnerability

Bugtraq ID: 57786
Class: Race Condition Error
CVE: CVE-2013-1248
Remote: No
Local: Yes
Published: Feb 12 2013 12:00AM
Updated: Feb 19 2013 10:32AM
Credit: Mateusz "j00ru" Jurczyk of Google Inc and Tencent Security Team
Vulnerable: Microsoft Windows XP Service Pack 3 0
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows Vista x64 Edition SP2
Microsoft Windows Vista Service Pack 2 0
Microsoft Windows Server 2008 R2 Itanium SP1
Microsoft Windows Server 2008 R2 Itanium 0
Microsoft Windows Server 2008 R2 for x64-based Systems SP1
Microsoft Windows Server 2008 R2 for x64-based Systems 0
Microsoft Windows Server 2008 for x64-based Systems SP2
Microsoft Windows Server 2008 for Itanium-based Systems SP2
Microsoft Windows Server 2008 for 32-bit Systems SP2
Microsoft Windows Server 2008 for 32-bit Systems 0
Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Server 2003 x64 SP1
Microsoft Windows Server 2003 Itanium SP2
Microsoft Windows Server 2003 Itanium SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows 7 for x64-based Systems SP1
Microsoft Windows 7 for x64-based Systems 0
Microsoft Windows 7 for 32-bit Systems SP1
Microsoft Windows 7 for 32-bit Systems 0
Avaya Messaging Application Server 5.2
Avaya Messaging Application Server 5
Avaya Messaging Application Server 4
Avaya Conferencing Standard Edition 6.0 SP1
Avaya Conferencing Standard Edition 6.0
Avaya Communication Server 1000 Telephony Manager 4.0
Avaya Communication Server 1000 Telephony Manager 3.0
Avaya CallPilot 5.0
Avaya CallPilot 4.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus