OSVDB ID: 73795

Title: Microsoft Windows CSRSS SrvWriteConsoleOutputString() Function Local Overflow

Info

Disclosure

Jul 12, 2011

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Jul 12, 2011

Description

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Private
Disclosure: Vendor Verified, Coordinated Disclosure
OSVDB: Authentication Required

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

Unknown or Incomplete

References

OVAL ID: 12889
CVE ID: 2011-1870 (see also: NVD)
Microsoft Knowledge Base Article: 2507938
Secunia Advisory ID: 45174
Bugtraq ID: 48605
Related OSVDB ID: 73792 73793 73794 73796
Microsoft Security Bulletin: MS11-056
CERT: TA11-193A

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/73795