What is the severity of CVE-2011-1282?

CVE-2011-1282 is rated as critical due to the potential for remote code execution.

How do I fix CVE-2011-1282?

To fix CVE-2011-1282, apply the security updates provided by Microsoft for the affected operating systems.

What versions of Windows are affected by CVE-2011-1282?

CVE-2011-1282 affects Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows 7, Windows Server 2003 SP2, Windows Server 2008, and Windows Server 2008 R2.

What kind of vulnerability is CVE-2011-1282?

CVE-2011-1282 is a memory corruption vulnerability that can lead to arbitrary code execution.

Is there a workaround for CVE-2011-1282 if I can't patch?

There are no effective workarounds for CVE-2011-1282, and immediate patching is recommended to mitigate the risk.

Vulnerability/
CVE-2011-1282

high

8.4

CWE

119 476

13/7/2011

17/10/2024

CVE-2011-1282: Buffer Overflow

First published: Wed Jul 13 2011(Updated: )

The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly initialize memory and consequently uses a NULL pointer in an unspecified function call, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvSetConsoleLocalEUDC Vulnerability."

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows Server 2003	=sp2
Microsoft Windows 7
Microsoft Windows 7	=sp1
Microsoft Windows 7	=sp1
Microsoft Windows Server	=sp2
Microsoft Windows Server
Microsoft Windows Server
Microsoft Windows Server
Microsoft Windows Server	=sp2
Microsoft Windows Server	=sp2
Microsoft Windows Server	=sp2
Microsoft Windows Server	=r2
Microsoft Windows Server	=r2
Microsoft Windows Vista	=sp1
Microsoft Windows Vista	=sp2
Microsoft Windows XP	=sp3
Microsoft Windows XP	=sp2
Microsoft Windows Vista	=sp2
Microsoft Windows Vista	=sp1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-1282?
CVE-2011-1282 is rated as critical due to the potential for remote code execution.
How do I fix CVE-2011-1282?
To fix CVE-2011-1282, apply the security updates provided by Microsoft for the affected operating systems.
What versions of Windows are affected by CVE-2011-1282?
CVE-2011-1282 affects Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows 7, Windows Server 2003 SP2, Windows Server 2008, and Windows Server 2008 R2.
What kind of vulnerability is CVE-2011-1282?
CVE-2011-1282 is a memory corruption vulnerability that can lead to arbitrary code execution.
Is there a workaround for CVE-2011-1282 if I can't patch?
There are no effective workarounds for CVE-2011-1282, and immediate patching is recommended to mitigate the risk.

agent/type
agent/references
agent/description
agent/first-publish-date
agent/event
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/severity
agent/source
agent/author
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-historical
collector/nvd-index
vendor/microsoft
canonical/microsoft windows server 2003
version/microsoft windows server 2003/sp2
canonical/microsoft windows 7
version/microsoft windows 7/sp1
canonical/microsoft windows server
version/microsoft windows server/sp2
version/microsoft windows server/r2
canonical/microsoft windows vista
version/microsoft windows vista/sp1
version/microsoft windows vista/sp2
canonical/microsoft windows xp
version/microsoft windows xp/sp3
version/microsoft windows xp/sp2