Microsoft Windows CVE-2012-1864 Local Privilege Escalation Vulnerability
BID:53815
Info
Microsoft Windows CVE-2012-1864 Local Privilege Escalation Vulnerability
| Bugtraq ID: | 53815 |
| Class: | Unknown |
| CVE: |
CVE-2012-1864 |
| Remote: | No |
| Local: | Yes |
| Published: | Jun 12 2012 12:00AM |
| Updated: | Oct 04 2013 12:15AM |
| Credit: | Tarjei Mandt of Azimuth Security |
| Vulnerable: |
Microsoft Windows XP Service Pack 3 0 Microsoft Windows XP Professional x64 Edition SP2 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Vista Service Pack 2 0 Microsoft Windows Server 2008 R2 x64 SP1 Microsoft Windows Server 2008 R2 x64 0 Microsoft Windows Server 2008 R2 Itanium SP1 Microsoft Windows Server 2008 R2 Itanium 0 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2003 x64 SP2 Microsoft Windows Server 2003 Itanium SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems 0 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for 32-bit Systems 0 |
| Not Vulnerable: | |
Discussion
Microsoft Windows CVE-2012-1864 Local Privilege Escalation Vulnerability
Microsoft Windows is prone to a local privilege-escalation vulnerability.
An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers.
Microsoft Windows is prone to a local privilege-escalation vulnerability.
An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers.
Exploit / POC
Microsoft Windows CVE-2012-1864 Local Privilege Escalation Vulnerability
Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product.
Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product.
Solution / Fix
Microsoft Windows CVE-2012-1864 Local Privilege Escalation Vulnerability
Solution:
Vendor updates are available. Please see the references for details.
Solution:
Vendor updates are available. Please see the references for details.
References
Microsoft Windows CVE-2012-1864 Local Privilege Escalation Vulnerability
References:
References:
- Microsoft Windows Homepage (Microsoft )