win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka Win32k Null Pointer De-reference Vulnerability.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Windows_2003_server | Microsoft | * | * |
Windows_7 | Microsoft | - (including) | - (including) |
Windows_7 | Microsoft | –sp1 (including) | –sp1 (including) |
Windows_server_2003 | Microsoft | * | * |
Windows_server_2008 | Microsoft | * | * |
Windows_server_2008 | Microsoft | –sp2 (including) | –sp2 (including) |
Windows_server_2008 | Microsoft | r2 (including) | r2 (including) |
Windows_vista | Microsoft | * | * |
Windows_xp | Microsoft | * | * |
Windows_xp | Microsoft | –sp2 (including) | –sp2 (including) |