CVE-2011-0037: Input Validation
First published: Fri Feb 25 2011(Updated: )
Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Forefront Client Security | ||
| Microsoft Windows Defender | ||
| Microsoft Malware Protection Engine | <=1.1.6502.0 | |
| Microsoft Forefront Endpoint Protection 2010 | ||
| Microsoft Malware Protection Engine | =0.1.13.192 | |
| Microsoft Windows Live Onecare | ||
| Microsoft Malicious Software Removal Tool | ||
| Microsoft Malware Protection Engine | =1.1.3520.0 | |
| Microsoft Security Essentials |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- vendor/microsoft
- canonical/microsoft forefront client security
- canonical/microsoft windows defender
- canonical/microsoft malware protection engine
- canonical/microsoft forefront endpoint protection 2010
- canonical/microsoft windows live onecare
- canonical/microsoft malicious software removal tool
- canonical/microsoft defender
- collector/nvd-index
- agent/author
- agent/weakness
- agent/severity
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/event
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- version/microsoft malware protection engine/1.1.6502.0
- version/microsoft malware protection engine/0.1.13.192
- version/microsoft malware protection engine/1.1.3520.0
- canonical/microsoft security essentials