vendor:
Windows 7
by:
Byoungyoung Lee
9.3
CVSS
CRITICAL
Buffer Overrun
119
CWE
Product Name: Windows 7
Affected Version From: Windows 7 32bit
Affected Version To: Windows 7 32bit
Patch Exists: YES
Related CWE: CVE-2011-2003
CPE: o:microsoft:windows_7::-:32bit
Metasploit:
https://www.rapid7.com/db/vulnerabilities/jboss_enterprise_application_platform-cve-2011-1483/, https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2011-3009/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2011-2686/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2011-3009/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2011-1753/, https://www.rapid7.com/db/vulnerabilities/apple-osx-apache-cve-2011-1755/, https://www.rapid7.com/db/vulnerabilities/apple-osx-ichatserver-cve-2011-1755/, https://www.rapid7.com/db/vulnerabilities/freebsd-vid-01d3ab7d-9c43-11e0-bc0f-0014a5e3cda6/
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7 32bit
2011
MS11-077 .fon buffer overrun kernel-mode drivers exploit
Byoungyoung Lee and his team at Georgia Tech have discovered a vulnerability in Windows kernel-mode drivers that could allow remote code execution. The vulnerability is caused by a buffer overrun in the .fon file format handler. By sending a specially crafted .fon file to a vulnerable system, an attacker could execute arbitrary code in the context of the kernel.
Mitigation:
Microsoft has released a security update to address this vulnerability. Users should apply the update as soon as possible.
