CVE-2012-0180
Description
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode for (1) windows and (2) messages, which allows local users to gain privileges via a crafted application, aka Windows and Messages Vulnerability.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.401
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Security Update for Windows XP (KB2660649) | Windows |
| Security Update for Windows Vista (KB2660649) | Windows |
| Security Update for Windows Server 2008 (KB2660649) | Windows |
| Security Update for Windows 7 (KB2660649) x86 based systems | Windows |
| Security Update for Windows 7 (KB2660649) x86 based systems for SP1 | Windows |
| Security Update for Windows Vista for x64-based Systems (KB2660649) | Windows |
| Security Update for Windows Server 2008 x64 Edition (KB2660649) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2660649) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2660649) for SP1 | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2660649) | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2660649) for SP1 | Windows |
| Security Update for Windows XP (KB2659262) | Windows |
| Security Update for Windows Server 2003 (KB2659262) | Windows |
| Security Update for Windows Vista (KB2659262) | Windows |
| Security Update for Windows Server 2008 (KB2659262) | Windows |
| Security Update for Windows 7 (KB2659262) x86 based systems | Windows |
| Security Update for Windows 7 (KB2659262) x86 based systems for SP1 | Windows |
| Security Update for Windows XP x64 Edition (KB2659262) | Windows |
| Security Update for Windows Server 2003 x64 Edition (KB2659262) | Windows |
| Security Update for Windows Vista for x64-based Systems (KB2659262) | Windows |
| Security Update for Windows Server 2008 x64 Edition (KB2659262) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2659262) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2659262) for SP1 | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2659262) | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2659262) | Windows |
| Security Update for Windows XP (KB2676562) | Windows |
| Security Update for Windows Server 2003 (KB2676562) | Windows |
| Security Update for Windows Vista (KB2676562) | Windows |
| Security Update for Windows Server 2008 (KB2676562) | Windows |
| Security Update for Windows 7 (KB2676562) x86 based systems | Windows |
| Security Update for Windows 7 (KB2676562) x86 based systems for SP1 | Windows |
| Security Update for Windows XP x64 Edition (KB2676562) | Windows |
| Security Update for Windows Server 2003 x64 Edition (KB2676562) | Windows |
| Security Update for Windows Vista for x64-based Systems (KB2676562) | Windows |
| Security Update for Windows Server 2008 x64 Edition (KB2676562) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2676562) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2676562) for SP1 | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2676562) | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2676562) for SP2 | Windows |
| Security Update for Windows XP (KB2686509) | Windows |
| Security Update for Windows Server 2003 (KB2686509) | Windows |
| Security Update for Windows XP x64 Edition (KB2686509) | Windows |
| Security Update for Windows Server 2003 x64 Edition (KB2686509) | Windows |
| Security Update for Windows Vista (KB2658846) | Windows |
| Security Update for Windows Server 2008 (KB2658846) | Windows |
| Security Update for Windows 7 (KB2658846) x86 based systems | Windows |
| Security Update for Windows 7 (KB2658846) x86 based systems for SP1 | Windows |
| Security Update for Windows Vista for x64-based Systems (KB2658846) | Windows |
| Security Update for Windows Server 2008 x64 Edition (KB2658846) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2658846) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2658846) for SP1 | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2658846) | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2658846) | Windows |
| Security Update for Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2003 and Windows XP (KB2656407) x86 based systems | Windows |
| Security Update for Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2003 and Windows XP (KB2656407) x64 bases systems | Windows |
| Security Update for Microsoft .NET Framework 3.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2 (KB2656409) x86 based systems | Windows |
| Security Update for Microsoft .NET Framework 3.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2 (KB2656409) x64 bases systems | Windows |
| Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 (KB2656410) x86 based systems | Windows |
| Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1 (KB2656411) x86 based systems | Windows |
| Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 (KB2656410) x64 bases systems | Windows |
| Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1 (KB2656411) x64 bases systems | Windows |
| Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 (KB2656405) x86 based systems | Windows |
| Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 (KB2656405) x64 bases systems | Windows |
| Security Update for Microsoft Office 2007 suites (KB2596672) | Windows |
| Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition | Windows |
| Security Update for Microsoft Office 2010 (KB2589337) 64-Bit Edition | Windows |
| Security Update for Microsoft Silverlight (KB2636927) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-11810 | Security Update for Windows Vista (KB2660649) |
| PATCH-11811 | Security Update for Windows Server 2008 (KB2660649) |
| PATCH-11813 | Security Update for Windows 7 (KB2660649) |
| PATCH-11814 | Security Update for Windows Vista for x64-based Systems (KB2660649) |
| PATCH-11815 | Security Update for Windows Server 2008 x64 Edition (KB2660649) |
| PATCH-11817 | Security Update for Windows 7 for x64-based Systems (KB2660649) |
| PATCH-11819 | Security Update for Windows Server 2008 R2 x64 Edition (KB2660649) |
| PATCH-11824 | Security Update for Windows 7 (KB2659262) |
| PATCH-11825 | Security Update for Windows 7 (KB2659262) |
| PATCH-11826 | Security Update for Windows XP x64 Edition (KB2659262) |
| PATCH-11830 | Security Update for Windows 7 for x64-based Systems (KB2659262) |
| PATCH-11831 | Security Update for Windows 7 for x64-based Systems (KB2659262) |
| PATCH-11832 | Security Update for Windows Server 2008 R2 x64 Edition (KB2659262) |
| PATCH-11833 | Security Update for Windows Server 2008 R2 x64 Edition (KB2659262) |
| PATCH-11836 | Security Update for Windows Vista (KB2676562) |
| PATCH-11837 | Security Update for Windows Server 2008 (KB2676562) |
| PATCH-11838 | Security Update for Windows 7 (KB2676562) |
| PATCH-11839 | Security Update for Windows 7 (KB2676562) |
| PATCH-11842 | Security Update for Windows Vista for x64-based Systems (KB2676562) |
| PATCH-11843 | Security Update for Windows Server 2008 x64 Edition (KB2676562) |
| PATCH-11844 | Security Update for Windows 7 for x64-based Systems (KB2676562) |
| PATCH-11845 | Security Update for Windows 7 for x64-based Systems (KB2676562) |
| PATCH-11846 | Security Update for Windows Server 2008 R2 x64 Edition (KB2676562) |
| PATCH-11847 | Security Update for Windows Server 2008 R2 x64 Edition (KB2676562) |
| PATCH-11852 | Security Update for Windows Vista (KB2658846) |
| PATCH-11853 | Security Update for Windows Server 2008 (KB2658846) |
| PATCH-11855 | Security Update for Windows 7 (KB2658846) |
| PATCH-11856 | Security Update for Windows Vista for x64-based Systems (KB2658846) |
| PATCH-11857 | Security Update for Windows Server 2008 x64 Edition (KB2658846) |
| PATCH-11859 | Security Update for Windows 7 for x64-based Systems (KB2658846) |
| PATCH-11861 | Security Update for Windows Server 2008 R2 x64 Edition (KB2658846) |
| PATCH-11862 | Security Update for Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2003 and Windows XP (KB2656407) |
| PATCH-11863 | Security Update for Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2003 and Windows XP (KB2656407) |
| PATCH-11866 | Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 (KB2656410) |
| PATCH-11867 | Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1 (KB2656411) |
| PATCH-11868 | Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 (KB2656410) |
| PATCH-11869 | Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1 (KB2656411) |
| PATCH-11870 | Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 (KB2656405) |
| PATCH-11871 | Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 (KB2656405) |
| PATCH-11873 | Security Update for Microsoft Office 2007 suites (KB2596672) |
| PATCH-11875 | Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition |
| PATCH-11876 | Security Update for Microsoft Office 2010 (KB2589337) 64-Bit Edition |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234