Vulnerability Details CVE-2011-0037
Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.0%
CVSS Severity
CVSS v2 Score 7.2
References
- http://secunia.com/advisories/43468
- http://securitytracker.com/id?1025117
- http://www.microsoft.com/technet/security/advisory/2491888.mspx
- http://www.securityfocus.com/bid/46540
- http://www.vupen.com/english/advisories/2011/0486
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65626
- http://secunia.com/advisories/43468
- http://securitytracker.com/id?1025117
- http://www.microsoft.com/technet/security/advisory/2491888.mspx
- http://www.securityfocus.com/bid/46540
- http://www.vupen.com/english/advisories/2011/0486
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65626
Products affected by CVE-2011-0037
-
cpe:2.3:a:microsoft:forefront_client_security:1.0
-
cpe:2.3:a:microsoft:forefront_endpoint_protection_2010:-
-
cpe:2.3:a:microsoft:malicious_software_removal_tool:*
-
cpe:2.3:a:microsoft:malware_protection_engine:-
-
cpe:2.3:a:microsoft:malware_protection_engine:0.1.13.192
-
cpe:2.3:a:microsoft:malware_protection_engine:1.1.3520.0
-
cpe:2.3:a:microsoft:security_essentials:-
-
cpe:2.3:a:microsoft:windows_defender:-
-
cpe:2.3:a:microsoft:windows_defender:1.1.23060.3001
-
cpe:2.3:a:microsoft:windows_defender:4.18.23100.2009
-
cpe:2.3:a:microsoft:windows_live_onecare:-