製品・ソフトウェアに関する情報

JVN脆弱性詳細

Microsoft Windows の win32k.sys における権限昇格の脆弱性

タイトル	Microsoft Windows の win32k.sys における権限昇格の脆弱性
概要	Microsoft Windows の kernel-mode ドライバ内にある win32k.sys には、権限を取得される脆弱性が存在します。本脆弱性は、MS11-034 の Vulnerability Type 2 リスト上に掲載されている他の脆弱性とは異なる脆弱性です。
想定される影響	ローカルユーザにより、巧妙に細工されたアプリケーションを介して、Null ポインタデリファレンスを誘発され、権限を取得される可能性があります。
対策	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
公表日	2011年4月12日0:00
登録日	2011年5月9日12:06
最終更新日	2011年5月9日12:06

CVSS2.0 : 危険
スコア	7.2
ベクター	AV:L/AC:L/Au:N/C:C/I:C/A:C

影響を受けるシステム

マイクロソフト

Microsoft Windows 7 (x32)

Microsoft Windows 7 (x64)

Microsoft Windows Server 2003

Microsoft Windows Server 2003 (itanium)

Microsoft Windows Server 2003 (x64)

Microsoft Windows Server 2008 (itanium)

Microsoft Windows Server 2008 (x64)

Microsoft Windows Server 2008 (x86)

Microsoft Windows Server 2008 r2(itanium)

Microsoft Windows Server 2008 r2(x64)

Microsoft Windows Vista

Microsoft Windows Vista (x64)

Microsoft Windows XP (x64)

Microsoft Windows XP sp3

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2011-1229	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1229
National Vulnerability Database (NVD)
2	CVE-2011-1229	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1229

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-Other	https://www.ipa.go.jp/security/vuln/CWE.html#CWEOther

ベンダー情報

No	名前	URL
Microsoft Security Bulletin
1	MS11-034	http://www.microsoft.com/technet/security/bulletin/MS11-034.mspx
マイクロソフトセキュリティ情報
2	MS11-034	http://www.microsoft.com/japan/technet/security/bulletin/MS11-034.mspx
富士通セキュリティ情報
3	TA11-102A	http://software.fujitsu.com/jp/security/vulnerabilities/ta11-102a.html
絵でみるセキュリティ情報
4	MS11-034e	http://www.microsoft.com/japan/security/bulletins/MS11-034e.mspx

その他

No	名前	URL
ISS X-Force Database
1	66411	http://xforce.iss.net/xforce/xfdb/66411
JPCERT 緊急報告
2	JPCERT-AT-2011-0008	https://www.jpcert.or.jp/at/2011/at110008.txt
JVN
3	JVNTA11-102A	http://jvn.jp/cert/JVNTA11-102A
OPEN SOURCE VULNERABILITY DATABASE (OSVDB)
4	71735	http://osvdb.org/71735
Secunia Advisory
5	SA44156	http://secunia.com/advisories/44156
SecurityFocus
6	47229	http://www.securityfocus.com/bid/47229
SecurityTracker
7	1025345	http://www.securitytracker.com/id?1025345
US-CERT Cyber Security Alerts
8	SA11-102A	http://www.us-cert.gov/cas/alerts/SA11-102A.html
US-CERT Technical Cyber Security Alert
9	TA11-102A	http://www.us-cert.gov/cas/techalerts/TA11-102A.html
VUPEN Security
10	VUPEN/ADV-2011-0952	http://www.vupen.com/english/advisories/2011/0952
警察庁 @police
11	マイクロソフト社のセキュリティ修正プログラムについて(MS11-018,019,020,021,022,023,024,025,026,027,028,029,030,031,032,033,034)	http://www.npa.go.jp/cyberpolice/#topics

変更履歴

No	変更内容	変更日
0	[2011年05月09日] 掲載	2018年2月17日10:37

NVD脆弱性情報

CVE-2011-1229

概要	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."
公表日	2011年4月14日5:26
登録日	2021年1月28日16:38
最終更新日	2024年11月21日10:25

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:o:microsoft:windows_xp:-:sp3::::::
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::itanium:*
cpe:2.3:o:microsoft:windows_server_2008:-:::::::*
cpe:2.3:o:microsoft:windows_7:-:::::::*
cpe:2.3:o:microsoft:windows_2003_server:-:sp2::::::
cpe:2.3:o:microsoft:windows_vista:-:sp1::::::
cpe:2.3:o:microsoft:windows_server_2008:-:sp2::::::
cpe:2.3:o:microsoft:windows_7:-:sp1::::::
cpe:2.3:o:microsoft:windows_vista:-:sp2::::::
cpe:2.3:o:microsoft:windows_xp:-:sp2:::::x64:*
cpe:2.3:o:microsoft:windows_server_2008:r2::::::itanium:
cpe:2.3:o:microsoft:windows_server_2008:r2::::::x64:
cpe:2.3:o:microsoft:windows_vista:-:sp1:::::x64:*
cpe:2.3:o:microsoft:windows_server_2003:-:sp2::::::
cpe:2.3:o:microsoft:windows_vista:-:sp2:::::x64:*

構成2	以上	以下	より上	未満
cpe:2.3:a:avaya:integrated_management::::::::
cpe:2.3:a:avaya:meeting_exchange::::::::	5.0.0	5.2.0
cpe:2.3:a:avaya:aura_conferencing_standard_edition:6.0.0:::::::*
cpe:2.3:a:avaya:communication_server_1000_telephony_manager::::::::	3.0.0	4.0.0
cpe:2.3:a:avaya:callpilot::::::::	4.0.x	5.0.x
cpe:2.3:a:avaya:messaging_application_server::::::::	4.0.x	5.2.x
cpe:2.3:a:avaya:web_messenger::::::::
cpe:2.3:a:avaya:visual_vector_client::::::::
cpe:2.3:a:avaya:unified_communication_center::::::::
cpe:2.3:a:avaya:speech_access::::::::
cpe:2.3:a:avaya:outbound_contact_management::::::::
cpe:2.3:a:avaya:operational_analyst::::::::
cpe:2.3:a:avaya:network_reporting::::::::
cpe:2.3:a:avaya:ip_softphone::::::::
cpe:2.3:a:avaya:ip_agent::::::::
cpe:2.3:a:avaya:interaction_center::::::::
cpe:2.3:a:avaya:enterprise_manager::::::::
cpe:2.3:a:avaya:customer_interaction_express::::::::
cpe:2.3:a:avaya:contact_center_express::::::::
cpe:2.3:a:avaya:computer_telephony::::::::
cpe:2.3:a:avaya:callvisor_asai_lan::::::::
cpe:2.3:a:avaya:call_management_server_supervisor::::::::
cpe:2.3:a:avaya:basic_call_management_system_reporting_desktop::::::::
cpe:2.3:a:avaya:agent_access::::::::
cpe:2.3:a:avaya:octelaccess_server::::::::
cpe:2.3:a:avaya:unified_messenger::::::::
cpe:2.3:a:avaya:vpnmanager_console::::::::
cpe:2.3:a:avaya:octeldesigner::::::::
cpe:2.3:a:avaya:visual_messenger::::::::

関連情報、対策とツール

No	URL	タグ
1	http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx	Vendor Advisory
2	http://osvdb.org/71735	Broken Link
3	http://secunia.com/advisories/44156	Third Party Advisory
4	http://support.avaya.com/css/P8/documents/100133352	Third Party Advisory
5	http://www.securityfocus.com/bid/47229	Third Party Advisory VDB Entry
6	http://www.securitytracker.com/id?1025345	Third Party Advisory VDB Entry
7	http://www.us-cert.gov/cas/techalerts/TA11-102A.html	Third Party Advisory US Government Resource
8	http://www.vupen.com/english/advisories/2011/0952	Broken Link
9	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034	Patch Vendor Advisory
10	https://exchange.xforce.ibmcloud.com/vulnerabilities/66411	VDB Entry
11	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503	Third Party Advisory
12	http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx	Vendor Advisory
13	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503	Third Party Advisory
14	https://exchange.xforce.ibmcloud.com/vulnerabilities/66411	VDB Entry
15	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034	Patch Vendor Advisory
16	http://www.vupen.com/english/advisories/2011/0952	Broken Link
17	http://www.us-cert.gov/cas/techalerts/TA11-102A.html	Third Party Advisory US Government Resource
18	http://www.securitytracker.com/id?1025345	Third Party Advisory VDB Entry
19	http://www.securityfocus.com/bid/47229	Third Party Advisory VDB Entry
20	http://support.avaya.com/css/P8/documents/100133352	Third Party Advisory
21	http://secunia.com/advisories/44156	Third Party Advisory
22	http://osvdb.org/71735	Broken Link

共通脆弱性一覧

No	CWE	名前	URL
1	CWE-476	NULL ポインタデリファレンス	https://cwe.mitre.org/data/definitions/476.html

構成1	以上	以下	より上	未満
cpe:2.3:o:microsoft:windows_xp:-:sp3::::::
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::itanium:*
cpe:2.3:o:microsoft:windows_server_2008:-:::::::*
cpe:2.3:o:microsoft:windows_7:-:::::::*
cpe:2.3:o:microsoft:windows_2003_server:-:sp2::::::
cpe:2.3:o:microsoft:windows_vista:-:sp1::::::
cpe:2.3:o:microsoft:windows_server_2008:-:sp2::::::
cpe:2.3:o:microsoft:windows_7:-:sp1::::::
cpe:2.3:o:microsoft:windows_vista:-:sp2::::::
cpe:2.3:o:microsoft:windows_xp:-:sp2:::::x64:*
cpe:2.3:o:microsoft:windows_server_2008:r2::::::itanium:
cpe:2.3:o:microsoft:windows_server_2008:r2::::::x64:
cpe:2.3:o:microsoft:windows_vista:-:sp1:::::x64:*
cpe:2.3:o:microsoft:windows_server_2003:-:sp2::::::
cpe:2.3:o:microsoft:windows_vista:-:sp2:::::x64:*

構成2	以上	以下	より上	未満
cpe:2.3:a:avaya:integrated_management::::::::
cpe:2.3:a:avaya:meeting_exchange::::::::	5.0.0	5.2.0
cpe:2.3:a:avaya:aura_conferencing_standard_edition:6.0.0:::::::*
cpe:2.3:a:avaya:communication_server_1000_telephony_manager::::::::	3.0.0	4.0.0
cpe:2.3:a:avaya:callpilot::::::::	4.0.x	5.0.x
cpe:2.3:a:avaya:messaging_application_server::::::::	4.0.x	5.2.x
cpe:2.3:a:avaya:web_messenger::::::::
cpe:2.3:a:avaya:visual_vector_client::::::::
cpe:2.3:a:avaya:unified_communication_center::::::::
cpe:2.3:a:avaya:speech_access::::::::
cpe:2.3:a:avaya:outbound_contact_management::::::::
cpe:2.3:a:avaya:operational_analyst::::::::
cpe:2.3:a:avaya:network_reporting::::::::
cpe:2.3:a:avaya:ip_softphone::::::::
cpe:2.3:a:avaya:ip_agent::::::::
cpe:2.3:a:avaya:interaction_center::::::::
cpe:2.3:a:avaya:enterprise_manager::::::::
cpe:2.3:a:avaya:customer_interaction_express::::::::
cpe:2.3:a:avaya:contact_center_express::::::::
cpe:2.3:a:avaya:computer_telephony::::::::
cpe:2.3:a:avaya:callvisor_asai_lan::::::::
cpe:2.3:a:avaya:call_management_server_supervisor::::::::
cpe:2.3:a:avaya:basic_call_management_system_reporting_desktop::::::::
cpe:2.3:a:avaya:agent_access::::::::
cpe:2.3:a:avaya:octelaccess_server::::::::
cpe:2.3:a:avaya:unified_messenger::::::::
cpe:2.3:a:avaya:vpnmanager_console::::::::
cpe:2.3:a:avaya:octeldesigner::::::::
cpe:2.3:a:avaya:visual_messenger::::::::