|
|
|
|
| |
Credit:
The information has been provided by std_logics.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-11-064/
|
| |
Vulnerable Systems:
* Microsoft Windows XP
The ability to make a system call is required in order to exploit this vulnerability.
The specific flaw exists within the kernel's support for Trace Events. Due to a bad type conversion, the kernel will use a truncated length for allocating data from userspace. When populating this buffer the kernel will use a differing length causing a buffer overflow. This will cause memory corruption and can lead to code execution under the context of the kernel.
Patch Availability:
Microsoft has issued an update to correct this vulnerability. More details can be found at:
http://www.microsoft.com/technet/security/bulletin/ms11-011.mspx
CVE Information:
CVE-2011-0045
Disclosure Timeline:
2010-09-29 - Vulnerability reported to vendor
2011-02-08 - Coordinated public release of advisory
|
|
|
|
|
