CVE-2011-0045 Information
Description
The Trace Events functionality in the kernel in Microsoft Windows XP SP3 does not properly perform type conversion which causes integer truncation and insufficient memory allocation and triggers a buffer overflow which allows local users to gain privileges via a crafted application related to WmiTraceMessageVa aka \Windows Kernel Integer Truncation Vulnerability.\
Reference
http://osvdb.org/70823 http://securityreason.com/securityalert/8110 http://support.avaya.com/css/P8/documents/100127248 http://www.securityfocus.com/archive/1/516276/100/0/threaded http://www.securityfocus.com/bid/46136 http://www.securitytracker.com/id?1025046 http://www.vupen.com/english/advisories/2011/0324 http://www.zerodayinitiative.com/advisories/ZDI-11-064 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-011 https://exchange.xforce.ibmcloud.com/vulnerabilities/64926 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11996
Share on: