Published: 12/06/2012 Updated: 07/12/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Windows Server 2008

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to gain privileges via a crafted application, aka "String Atom Class Name Handling Vulnerability," a different vulnerability than CVE-2012-1865.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows server 2008
microsoft windows xp -
microsoft windows 7 -
microsoft windows xp
microsoft windows 7
microsoft windows server 2003
microsoft windows vista
microsoft windows 2003 server

Robbing a bank? Carberp toolkit now available for just $5k

The Register • John Leyden • 18 Jun 2013

Trojan forum sale may mark split in Carberp gang

Cybercrooks are selling the source code for the Carberp banking Trojan toolkit through underground forums - at just $5,000 a pop. The sale of the building blocks for the banking Trojan toolkit is a sign of "conflict within the team", according to Andrey Komarov of Russian security firm Group-IB. "Some of the members would love to destroy the project and move onto another business or new product," Komarov told El Reg. The toolkit for sale consists of the full source code of Carberp, including: co...

CVE-2012-1864

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect