Russian Vulnerability Scanner Database

Back to List

CVE-2012-0217

Scores

EPSS

0.880high88.0%
0%20%40%60%80%100%

Percentile: 88.0%

CVSS

7.9high2.0
0246810

CVSS Score: 7.9/10

All CVSS Scores

CVSS 2.0
7.9

Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C

Description

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

debiannvdredhatubuntu

CWEs

CWE-119

Exploits

Exploit ID: 20861

Source: exploitdb

URL: https://www.exploit-db.com/exploits/20861

Exploit ID: 28718

Source: exploitdb

URL: https://www.exploit-db.com/exploits/28718

Exploit ID: 46508

Source: exploitdb

URL: https://www.exploit-db.com/exploits/46508

Vulnerable Software (19)

Type: Configuration

Product: kernel

Operating System: rhel 5

Trait: 
{  "fixed": "2.6.18-308.8.2.el5"}

Source: redhat

Type: Configuration

Product: kernel

Operating System: rhel 5.6

Trait: 
{  "fixed": "2.6.18-238.39.1.el5"}

Source: redhat

Type: Configuration

Product: kfreebsd-10

Operating System: debian

Trait: 
{  "fixed": "10.0~svn237137-1"}

Source: debian

Type: Configuration

Product: kfreebsd-8

Operating System: debian

Trait: 
{  "fixed": "8.3-4"}

Source: debian

Type: Configuration

Product: kfreebsd-9

Operating System: debian

Trait: 
{  "fixed": "9.0-4"}

Source: debian

Type: Configuration

Product: xen

Operating System: debian

Trait: 
{  "fixed": "4.1.3~rc1+hg-20120614.a9c0a89c08f2-1"}

Source: debian

Type: Configuration

Product: xen-3.1

Operating System: ubuntu hardy 8.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: xen-3.2

Operating System: ubuntu hardy 8.04

Trait: 
{  "fixed": "3.2.0-0ubuntu10.2"}

Source: ubuntu

Type: Configuration

Vendor: *

Product: freebsd

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",      "versionEndIncluding": "9.0",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: illumos

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:illumos:illumos:*:*:*:*:*:*:*:*",      "versionEndIncluding": "r13723",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: netbsd

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:netbsd:netbsd:*:beta:*:*:*:*:*:*",      "versionEndIncluding": "6.0",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: smartos

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:joyent:smartos:*:*:*:*:*:*:*:*",      "versionEndIncluding": "20120614",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: sunos

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",      "versionEndIncluding": "5.11",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: windows_7

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*...

Source: nvd

Type: Configuration

Vendor: *

Product: windows_server_2003

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*...

Source: nvd

Type: Configuration

Vendor: *

Product: windows_server_2008

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*...

Source: nvd

Type: Configuration

Vendor: *

Product: windows_xp

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*...

Source: nvd

Type: Configuration

Vendor: *

Product: xen

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",      "versionEndIncluding": "4.1.2",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:xen:xen:4.0.0:*...

Source: nvd

Type: Configuration

Vendor: *

Product: xenserver

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*",      "versionEndIncluding": "6.0.2",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:citrix...

Source: nvd

End of list