CVE-2011-0037
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
25/02/2011
Last modified:
11/04/2025
Description
Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key.
Impact
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:microsoft:forefront_client_security:*:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:forefront_endpoint_protection_2010:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:malicious_software_removal_tool:*:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:* | 1.1.6502.0 (including) | |
| cpe:2.3:a:microsoft:malware_protection_engine:0.1.13.192:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:malware_protection_engine:1.1.3520.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:security_essentials:*:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:windows_defender:*:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:windows_live_onecare:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/43468
- http://securitytracker.com/id?1025117=
- http://www.microsoft.com/technet/security/advisory/2491888.mspx
- http://www.securityfocus.com/bid/46540
- http://www.vupen.com/english/advisories/2011/0486
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65626
- http://secunia.com/advisories/43468
- http://securitytracker.com/id?1025117=
- http://www.microsoft.com/technet/security/advisory/2491888.mspx
- http://www.securityfocus.com/bid/46540
- http://www.vupen.com/english/advisories/2011/0486
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65626