Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."
Weaknesses in this category are related to improper management of system resources.
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
| Link | Tags |
|---|---|
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11942 | signature vdb entry |
| http://osvdb.org/71745 | vdb entry |
| http://www.us-cert.gov/cas/techalerts/TA11-102A.html | third party advisory us government resource |
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034 | vendor advisory |
| http://www.vupen.com/english/advisories/2011/0952 | vdb entry |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/66400 | vdb entry |
| http://www.securityfocus.com/bid/47206 | vdb entry |
| http://support.avaya.com/css/P8/documents/100133352 | |
| http://secunia.com/advisories/44156 | third party advisory |
| http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx | |
| http://www.securitytracker.com/id?1025345 | vdb entry |