CVE Vulnerabilities

CVE-2011-1974

Published: Aug 10, 2011 | Modified: Feb 26, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka NDISTAPI Elevation of Privilege Vulnerability.

Affected Software

Name Vendor Start Version End Version
Windows_xp Microsoft - -
Windows_xp Microsoft * *
Windows_server_2003 Microsoft * *
Windows_2003_server Microsoft * *

References