Vulnerability-Lookup

CVE-2012-0217 (GCVE-0-2012-0217)

Vulnerability from cvelistv5 – Published: 2012-06-12 22:00 – Updated: 2024-08-06 18:16

Summary

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.

Severity ?

No CVSS data available.

CWE

Assigner

debian

References

URL

Tags

	http://secunia.com/advisories/55082	third-party-advisoryx_refsource_SECUNIA
	http://www.us-cert.gov/cas/techalerts/TA12-164A.html	third-party-advisoryx_refsource_CERT
	http://blog.xen.org/index.php/2012/06/13/the-inte…	x_refsource_CONFIRM
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://www.exploit-db.com/exploits/28718/	exploitx_refsource_EXPLOIT-DB
	https://bugzilla.redhat.com/show_bug.cgi?id=813428	x_refsource_CONFIRM
	http://ftp.netbsd.org/pub/NetBSD/security/advisor…	vendor-advisoryx_refsource_NETBSD
	http://security.gentoo.org/glsa/glsa-201309-24.xml	vendor-advisoryx_refsource_GENTOO
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.debian.org/security/2012/dsa-2501	vendor-advisoryx_refsource_DEBIAN
	http://blog.illumos.org/2012/06/14/illumos-vulner…	x_refsource_CONFIRM
	https://www.illumos.org/issues/2873	x_refsource_CONFIRM
	http://lists.xen.org/archives/html/xen-devel/2012…	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2012/dsa-2508	vendor-advisoryx_refsource_DEBIAN
	http://lists.xen.org/archives/html/xen-announce/2…	mailing-listx_refsource_MLIST
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://support.citrix.com/article/CTX133161	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/46508/	exploitx_refsource_EXPLOIT-DB
	http://smartos.org/2012/06/15/smartos-news-3/	x_refsource_CONFIRM
	http://wiki.smartos.org/display/DOC/SmartOS+Chang…	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/649219	third-party-advisoryx_refsource_CERT-VN
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://security.freebsd.org/advisories/FreeBSD-SA…	vendor-advisoryx_refsource_FREEBSD

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:16:19.831Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "55082",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55082"
          },
          {
            "name": "TA12-164A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
          },
          {
            "name": "MS12-042",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
          },
          {
            "name": "28718",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/28718/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
          },
          {
            "name": "NetBSD-SA2012-003",
            "tags": [
              "vendor-advisory",
              "x_refsource_NETBSD",
              "x_transferred"
            ],
            "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
          },
          {
            "name": "GLSA-201309-24",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:15596",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
          },
          {
            "name": "DSA-2501",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2501"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.illumos.org/issues/2873"
          },
          {
            "name": "[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
          },
          {
            "name": "DSA-2508",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2508"
          },
          {
            "name": "[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.citrix.com/article/CTX133161"
          },
          {
            "name": "46508",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/46508/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://smartos.org/2012/06/15/smartos-news-3/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
          },
          {
            "name": "VU#649219",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/649219"
          },
          {
            "name": "MDVSA-2013:150",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
          },
          {
            "name": "FreeBSD-SA-12:04",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-06-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application.  NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-08T10:57:01.000Z",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "55082",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55082"
        },
        {
          "name": "TA12-164A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
        },
        {
          "name": "MS12-042",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
        },
        {
          "name": "28718",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/28718/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
        },
        {
          "name": "NetBSD-SA2012-003",
          "tags": [
            "vendor-advisory",
            "x_refsource_NETBSD"
          ],
          "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
        },
        {
          "name": "GLSA-201309-24",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:15596",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
        },
        {
          "name": "DSA-2501",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2501"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.illumos.org/issues/2873"
        },
        {
          "name": "[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
        },
        {
          "name": "DSA-2508",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2508"
        },
        {
          "name": "[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.citrix.com/article/CTX133161"
        },
        {
          "name": "46508",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/46508/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://smartos.org/2012/06/15/smartos-news-3/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
        },
        {
          "name": "VU#649219",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/649219"
        },
        {
          "name": "MDVSA-2013:150",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
        },
        {
          "name": "FreeBSD-SA-12:04",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2012-0217",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application.  NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "55082",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55082"
            },
            {
              "name": "TA12-164A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
            },
            {
              "name": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/",
              "refsource": "CONFIRM",
              "url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
            },
            {
              "name": "MS12-042",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
            },
            {
              "name": "28718",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/28718/"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=813428",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
            },
            {
              "name": "NetBSD-SA2012-003",
              "refsource": "NETBSD",
              "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
            },
            {
              "name": "GLSA-201309-24",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:15596",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
            },
            {
              "name": "DSA-2501",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2501"
            },
            {
              "name": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/",
              "refsource": "CONFIRM",
              "url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
            },
            {
              "name": "https://www.illumos.org/issues/2873",
              "refsource": "CONFIRM",
              "url": "https://www.illumos.org/issues/2873"
            },
            {
              "name": "[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217",
              "refsource": "MLIST",
              "url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
            },
            {
              "name": "DSA-2508",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2508"
            },
            {
              "name": "[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation",
              "refsource": "MLIST",
              "url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
            },
            {
              "name": "http://support.citrix.com/article/CTX133161",
              "refsource": "CONFIRM",
              "url": "http://support.citrix.com/article/CTX133161"
            },
            {
              "name": "46508",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/46508/"
            },
            {
              "name": "http://smartos.org/2012/06/15/smartos-news-3/",
              "refsource": "CONFIRM",
              "url": "http://smartos.org/2012/06/15/smartos-news-3/"
            },
            {
              "name": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012",
              "refsource": "CONFIRM",
              "url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
            },
            {
              "name": "VU#649219",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/649219"
            },
            {
              "name": "MDVSA-2013:150",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            },
            {
              "name": "FreeBSD-SA-12:04",
              "refsource": "FREEBSD",
              "url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2012-0217",
    "datePublished": "2012-06-12T22:00:00.000Z",
    "dateReserved": "2011-12-14T00:00:00.000Z",
    "dateUpdated": "2024-08-06T18:16:19.831Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

FKIE_CVE-2012-0217

Vulnerability from fkie_nvd - Published: 2012-06-12 22:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
security@debian.org	http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/
security@debian.org	http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/
security@debian.org	http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc
security@debian.org	http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html
security@debian.org	http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html
security@debian.org	http://secunia.com/advisories/55082
security@debian.org	http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc
security@debian.org	http://security.gentoo.org/glsa/glsa-201309-24.xml
security@debian.org	http://smartos.org/2012/06/15/smartos-news-3/
security@debian.org	http://support.citrix.com/article/CTX133161
security@debian.org	http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012
security@debian.org	http://www.debian.org/security/2012/dsa-2501
security@debian.org	http://www.debian.org/security/2012/dsa-2508
security@debian.org	http://www.kb.cert.org/vuls/id/649219	US Government Resource
security@debian.org	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
security@debian.org	http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
security@debian.org	http://www.us-cert.gov/cas/techalerts/TA12-164A.html	US Government Resource
security@debian.org	https://bugzilla.redhat.com/show_bug.cgi?id=813428
security@debian.org	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042
security@debian.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596
security@debian.org	https://www.exploit-db.com/exploits/28718/
security@debian.org	https://www.exploit-db.com/exploits/46508/
security@debian.org	https://www.illumos.org/issues/2873
af854a3a-2127-422b-91ae-364da2661108	http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/
af854a3a-2127-422b-91ae-364da2661108	http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/
af854a3a-2127-422b-91ae-364da2661108	http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc
af854a3a-2127-422b-91ae-364da2661108	http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/55082
af854a3a-2127-422b-91ae-364da2661108	http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201309-24.xml
af854a3a-2127-422b-91ae-364da2661108	http://smartos.org/2012/06/15/smartos-news-3/
af854a3a-2127-422b-91ae-364da2661108	http://support.citrix.com/article/CTX133161
af854a3a-2127-422b-91ae-364da2661108	http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2012/dsa-2501
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2012/dsa-2508
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/649219	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA12-164A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=813428
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/28718/
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/46508/
af854a3a-2127-422b-91ae-364da2661108	https://www.illumos.org/issues/2873

Impacted products

Vendor	Product	Version
freebsd	freebsd	*
illumos	illumos	*
joyent	smartos	*
xen	xen	*
xen	xen	4.0.0
xen	xen	4.0.1
xen	xen	4.0.2
xen	xen	4.0.3
xen	xen	4.0.4
xen	xen	4.1.0
xen	xen	4.1.1
microsoft	windows_7	*
microsoft	windows_7	*
microsoft	windows_server_2003	*
microsoft	windows_server_2008	r2
microsoft	windows_xp	*
citrix	xenserver	*
citrix	xenserver	6.0
netbsd	netbsd	*
sun	sunos	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F7B2CC9-2907-49AF-8497-CE60554123F4",
              "versionEndIncluding": "9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:illumos:illumos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F4D46A-B031-4639-AA94-5E44091F4B92",
              "versionEndIncluding": "r13723",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:joyent:smartos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F2DF32E-26A0-4463-85DD-6E63C125E606",
              "versionEndIncluding": "20120614",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5037783-1819-4FC5-B7A7-EB80F6A98E1F",
              "versionEndIncluding": "4.1.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "550223A9-B9F1-440A-8C25-9F0F76AF7301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC734D58-96E5-4DD2-8781-F8E0ADB96462",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "62CEC1BF-1922-410D-BCBA-C58199F574C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "923F2C2B-4A65-4823-B511-D0FEB7C7FAB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D83CA8B-8E49-45FA-8FAB-C15052474542",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "CE381783-027E-4B6D-B801-59873E5EA483",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*",
              "matchCriteriaId": "4FA15D65-7C32-4C7A-9915-746AB3F454EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*",
              "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24FCA867-7158-459C-9D6C-75A39263F00A",
              "versionEndIncluding": "6.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C1D10B8-202D-44A4-A872-88D7C11488D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:*:beta:*:*:*:*:*:*",
              "matchCriteriaId": "D2AF9820-F982-4804-9580-78CDD4273C6B",
              "versionEndIncluding": "6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "696972CD-A690-4DDC-A852-1253062AE874",
              "versionEndIncluding": "5.11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application.  NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier."
    },
    {
      "lang": "es",
      "value": "El modo de usuario Scheduler en el n\u00facleo en Microsoft Windows Server v2008 R2 y R2 SP1 y Windows v7 Gold y SP1 sobre la plataforma x64 no maneja adecuadamente solicitudes del sistema, lo que permite a usuarios locales obtener privilegios a trav\u00e9s de una aplicaci\u00f3n modificada, tambi\u00e9n conocida como \"vulnerabilidad de corrupci\u00f3n de memoria de modo de usuario Scheduler\"."
    }
  ],
  "evaluatorImpact": "Per: http://technet.microsoft.com/en-us/security/bulletin/ms12-042\n\n\u0027This vulnerability only affects Intel x64-based versions of Windows 7 and Windows Server 2008 R2.  Systems with AMD or ARM-based CPUs are not affected by this vulnerability.\u0027",
  "id": "CVE-2012-0217",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-06-12T22:55:01.343",
  "references": [
    {
      "source": "security@debian.org",
      "url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
    },
    {
      "source": "security@debian.org",
      "url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
    },
    {
      "source": "security@debian.org",
      "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
    },
    {
      "source": "security@debian.org",
      "url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
    },
    {
      "source": "security@debian.org",
      "url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/55082"
    },
    {
      "source": "security@debian.org",
      "url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
    },
    {
      "source": "security@debian.org",
      "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
    },
    {
      "source": "security@debian.org",
      "url": "http://smartos.org/2012/06/15/smartos-news-3/"
    },
    {
      "source": "security@debian.org",
      "url": "http://support.citrix.com/article/CTX133161"
    },
    {
      "source": "security@debian.org",
      "url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.debian.org/security/2012/dsa-2501"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.debian.org/security/2012/dsa-2508"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/649219"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
    },
    {
      "source": "security@debian.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
    },
    {
      "source": "security@debian.org",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
    },
    {
      "source": "security@debian.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
    },
    {
      "source": "security@debian.org",
      "url": "https://www.exploit-db.com/exploits/28718/"
    },
    {
      "source": "security@debian.org",
      "url": "https://www.exploit-db.com/exploits/46508/"
    },
    {
      "source": "security@debian.org",
      "url": "https://www.illumos.org/issues/2873"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/55082"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://smartos.org/2012/06/15/smartos-news-3/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.citrix.com/article/CTX133161"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2012/dsa-2501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2012/dsa-2508"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/649219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/28718/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/46508/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.illumos.org/issues/2873"
    }
  ],
  "sourceIdentifier": "security@debian.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2012-AVI-586

Vulnerability from certfr_avis - Published: 2012-10-17 - Updated: 2012-10-17

Dix-huit vulnérabilités ont été corrigées dans Oracle Sun Products Suite. Elles concernent des dénis de services à distance, des atteintes à l'intégrité des données, des atteintes à la confidentialité des données et des élévations de privilèges

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Solaris 8, 9, 10, 11
Oracle	N/A	Sun Java System Application Server 8.1
Oracle	N/A	Oracle GlassFish Server 3.1.2
Oracle	N/A	Sun Java System Application Server 8.2
Oracle	N/A	SPARC T3, Netra SPARC T3, SPARC T4, Netra SPARC T4
Oracle	N/A	Oracle GlassFish Server 3.0.1
Oracle	N/A	Sun GlassFish Enterprise Server 2.1.1

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle 16 octobre 2012	None	vendor-advisory
Bulletin de sécurité Oracle cpuoct2012-1515893 du 16 octobre 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Solaris 8, 9, 10, 11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java System Application Server 8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle GlassFish Server 3.1.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java System Application Server 8.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "SPARC T3, Netra SPARC T3, SPARC T4, Netra SPARC T4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle GlassFish Server 3.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Sun GlassFish Enterprise Server 2.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-3209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3209"
    },
    {
      "name": "CVE-2012-3199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3199"
    },
    {
      "name": "CVE-2012-3206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3206"
    },
    {
      "name": "CVE-2012-5095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5095"
    },
    {
      "name": "CVE-2012-3204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3204"
    },
    {
      "name": "CVE-2012-3189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3189"
    },
    {
      "name": "CVE-2012-3208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3208"
    },
    {
      "name": "CVE-2012-3155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3155"
    },
    {
      "name": "CVE-2012-3211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3211"
    },
    {
      "name": "CVE-2012-3215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3215"
    },
    {
      "name": "CVE-2012-3205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3205"
    },
    {
      "name": "CVE-2012-3212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3212"
    },
    {
      "name": "CVE-2012-3165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3165"
    },
    {
      "name": "CVE-2012-3210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3210"
    },
    {
      "name": "CVE-2012-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0217"
    },
    {
      "name": "CVE-2012-3187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3187"
    },
    {
      "name": "CVE-2012-3207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3207"
    },
    {
      "name": "CVE-2012-3203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3203"
    }
  ],
  "initial_release_date": "2012-10-17T00:00:00",
  "last_revision_date": "2012-10-17T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuoct2012-1515893 du 16    octobre 2012 :",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
    }
  ],
  "reference": "CERTA-2012-AVI-586",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-10-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Dix-huit vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Sun Products Suite\u003c/span\u003e. Elles concernent des\nd\u00e9nis de services \u00e0 distance, des atteintes \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es,\ndes atteintes \u00e0 la confidentialit\u00e9 des donn\u00e9es et des \u00e9l\u00e9vations de\nprivil\u00e8ges\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Sun Products Suite",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle 16 octobre 2012",
      "url": null
    }
  ]
}

CERTA-2012-AVI-326

Vulnerability from certfr_avis - Published: 2012-06-13 - Updated: 2012-06-13

Deux vulnérabilités ont été corrigées dans le noyau Microsoft Windows. La première intervient lorsque le mode utilisateur requête le « Scheduler » système et la deuxième concerne une altération en mémoire de la ROM BIOS.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2008 R2 x64 ;
Microsoft	Windows	Windows Server 2008 R2 x64 Service Pack 1.
Microsoft	Windows	Windows XP Service Pack 3 ;
Microsoft	Windows	Windows 7 x64 Service Pack 1 ;
Microsoft	Windows	Windows 7 x64 ;
Microsoft	Windows	Windows Server 2003 Service Pack 2 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS12-042 du 12 juin 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2008 R2 x64 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 x64 Service Pack 1.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP Service Pack 3 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 x64 Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 x64 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2003 Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-1515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1515"
    },
    {
      "name": "CVE-2012-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0217"
    }
  ],
  "initial_release_date": "2012-06-13T00:00:00",
  "last_revision_date": "2012-06-13T00:00:00",
  "links": [],
  "reference": "CERTA-2012-AVI-326",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-06-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. La premi\u00e8re intervient lorsque\nle mode utilisateur requ\u00eate le \u00ab Scheduler \u00bb syst\u00e8me et la deuxi\u00e8me\nconcerne une alt\u00e9ration en m\u00e9moire de la ROM BIOS.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans le noyau Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS12-042 du 12 juin 2012",
      "url": "http://technet.microsoft.com/en-us/security/bulletin/MS12-042"
    }
  ]
}

CERTA-2012-AVI-334

Vulnerability from certfr_avis - Published: 2012-06-15 - Updated: 2012-06-15

Une vulnérabilité a été corrigée dans FreeBSD. Son exploitation permet à un utilisateur local d'élever ses privilèges, de corrompre des données du noyau ou d'effectuer un déni de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
FreeBSD	N/A	FreeBSD version 7.x ;
FreeBSD	N/A	FreeBSD version 9.x.
FreeBSD	N/A	FreeBSD version 8.x ;

References

Title

Publication Time

Tags

Bulletin de sécurité FreeBSD SA-12:04.sysret

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "FreeBSD version 7.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "FreeBSD",
          "scada": false
        }
      }
    },
    {
      "description": "FreeBSD version 9.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "FreeBSD",
          "scada": false
        }
      }
    },
    {
      "description": "FreeBSD version 8.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "FreeBSD",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0217"
    }
  ],
  "initial_release_date": "2012-06-15T00:00:00",
  "last_revision_date": "2012-06-15T00:00:00",
  "links": [],
  "reference": "CERTA-2012-AVI-334",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-06-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans FreeBSD. Son exploitation permet \u00e0\nun utilisateur local d\u0027\u00e9lever ses privil\u00e8ges, de corrompre des donn\u00e9es\ndu noyau ou d\u0027effectuer un d\u00e9ni de service.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans FreeBSD",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 FreeBSD SA-12:04.sysret",
      "url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
    }
  ]
}

CERTA-2012-AVI-328

Vulnerability from certfr_avis - Published: 2012-06-13 - Updated: 2012-06-13

Trois vulnérabilités ont été corrigées dans Xen. Une des vulnérabilités concerne les machines virtuelles 64 bits tournant sur un hyperviseur 64 bits et permet à un utilisateur dans une machine virtuelle d'élever ses privilèges au même niveau que l'hôte.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	XEN	Xen	Xen 3.x ;
	XEN	Xen	Xen 4.x.

References

Title

Publication Time

Tags

Bulletins de sécurité Xen du 12 juin 2012	None	vendor-advisory
Bulletin de sécurité Xen 7 du 12 juin 2012 :	-	other
Bulletin de sécurité Citrix du 12 juin 2012 :	-	other
Bulletin de sécurité Xen 9 du 12 juin 2012 :	-	other
Bulletin de sécurité Xen 8 du 12 juin 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Xen 3.x ;",
      "product": {
        "name": "Xen",
        "vendor": {
          "name": "XEN",
          "scada": false
        }
      }
    },
    {
      "description": "Xen 4.x.",
      "product": {
        "name": "Xen",
        "vendor": {
          "name": "XEN",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-2934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2934"
    },
    {
      "name": "CVE-2012-0218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0218"
    },
    {
      "name": "CVE-2012-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0217"
    }
  ],
  "initial_release_date": "2012-06-13T00:00:00",
  "last_revision_date": "2012-06-13T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Xen 7 du 12 juin 2012 :",
      "url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix du 12 juin 2012 :",
      "url": "http://support.citrix.com/article/CTX133161"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Xen 9 du 12 juin 2012 :",
      "url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00002.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Xen 8 du 12 juin 2012 :",
      "url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00003.html"
    }
  ],
  "reference": "CERTA-2012-AVI-328",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-06-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Trois vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eXen\u003c/span\u003e. Une des vuln\u00e9rabilit\u00e9s concerne les machines\nvirtuelles 64 bits tournant sur un hyperviseur 64 bits et permet \u00e0 un\nutilisateur dans une machine virtuelle d\u0027\u00e9lever ses privil\u00e8ges au m\u00eame\nniveau que l\u0027h\u00f4te.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Xen",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 Xen du 12 juin 2012",
      "url": null
    }
  ]
}

GSD-2012-0217

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2012-0217

Aliases

CVE-2012-0217

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-0217",
    "description": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application.  NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.",
    "id": "GSD-2012-0217",
    "references": [
      "https://www.suse.com/security/cve/CVE-2012-0217.html",
      "https://www.debian.org/security/2012/dsa-2508",
      "https://www.debian.org/security/2012/dsa-2501",
      "https://access.redhat.com/errata/RHSA-2012:0721",
      "https://access.redhat.com/errata/RHSA-2012:0720",
      "https://linux.oracle.com/cve/CVE-2012-0217.html",
      "https://packetstormsecurity.com/files/cve/CVE-2012-0217"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-0217"
      ],
      "details": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application.  NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.",
      "id": "GSD-2012-0217",
      "modified": "2023-12-13T01:20:13.914797Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@debian.org",
        "ID": "CVE-2012-0217",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application.  NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "55082",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/55082"
          },
          {
            "name": "TA12-164A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
          },
          {
            "name": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/",
            "refsource": "CONFIRM",
            "url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
          },
          {
            "name": "MS12-042",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
          },
          {
            "name": "28718",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/28718/"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=813428",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
          },
          {
            "name": "NetBSD-SA2012-003",
            "refsource": "NETBSD",
            "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
          },
          {
            "name": "GLSA-201309-24",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:15596",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
          },
          {
            "name": "DSA-2501",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2012/dsa-2501"
          },
          {
            "name": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/",
            "refsource": "CONFIRM",
            "url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
          },
          {
            "name": "https://www.illumos.org/issues/2873",
            "refsource": "CONFIRM",
            "url": "https://www.illumos.org/issues/2873"
          },
          {
            "name": "[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217",
            "refsource": "MLIST",
            "url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
          },
          {
            "name": "DSA-2508",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2012/dsa-2508"
          },
          {
            "name": "[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation",
            "refsource": "MLIST",
            "url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
          },
          {
            "name": "http://support.citrix.com/article/CTX133161",
            "refsource": "CONFIRM",
            "url": "http://support.citrix.com/article/CTX133161"
          },
          {
            "name": "46508",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/46508/"
          },
          {
            "name": "http://smartos.org/2012/06/15/smartos-news-3/",
            "refsource": "CONFIRM",
            "url": "http://smartos.org/2012/06/15/smartos-news-3/"
          },
          {
            "name": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012",
            "refsource": "CONFIRM",
            "url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
          },
          {
            "name": "VU#649219",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/649219"
          },
          {
            "name": "MDVSA-2013:150",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
          },
          {
            "name": "FreeBSD-SA-12:04",
            "refsource": "FREEBSD",
            "url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:illumos:illumos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r13723",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:joyent:smartos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "20120614",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.1.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.0.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:*:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.11",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2012-0217"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application.  NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.illumos.org/issues/2873",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://www.illumos.org/issues/2873"
            },
            {
              "name": "[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
            },
            {
              "name": "http://smartos.org/2012/06/15/smartos-news-3/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://smartos.org/2012/06/15/smartos-news-3/"
            },
            {
              "name": "NetBSD-SA2012-003",
              "refsource": "NETBSD",
              "tags": [],
              "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
            },
            {
              "name": "http://support.citrix.com/article/CTX133161",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.citrix.com/article/CTX133161"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=813428",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
            },
            {
              "name": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
            },
            {
              "name": "[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
            },
            {
              "name": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
            },
            {
              "name": "VU#649219",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/649219"
            },
            {
              "name": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
            },
            {
              "name": "FreeBSD-SA-12:04",
              "refsource": "FREEBSD",
              "tags": [],
              "url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
            },
            {
              "name": "DSA-2508",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2012/dsa-2508"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
            },
            {
              "name": "DSA-2501",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2012/dsa-2501"
            },
            {
              "name": "TA12-164A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
            },
            {
              "name": "55082",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/55082"
            },
            {
              "name": "GLSA-201309-24",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
            },
            {
              "name": "MDVSA-2013:150",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            },
            {
              "name": "oval:org.mitre.oval:def:15596",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
            },
            {
              "name": "28718",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "https://www.exploit-db.com/exploits/28718/"
            },
            {
              "name": "MS12-042",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
            },
            {
              "name": "46508",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "https://www.exploit-db.com/exploits/46508/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2020-09-28T12:58Z",
      "publishedDate": "2012-06-12T22:55Z"
    }
  }
}

GHSA-Q644-363Q-JFMM

Vulnerability from github – Published: 2022-05-04 00:28 – Updated: 2025-04-11 03:58

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-0217"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-06-12T22:55:00Z",
    "severity": "HIGH"
  },
  "details": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application.  NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.",
  "id": "GHSA-q644-363q-jfmm",
  "modified": "2025-04-11T03:58:20Z",
  "published": "2022-05-04T00:28:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0217"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/28718"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/46508"
    },
    {
      "type": "WEB",
      "url": "https://www.illumos.org/issues/2873"
    },
    {
      "type": "WEB",
      "url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched"
    },
    {
      "type": "WEB",
      "url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation"
    },
    {
      "type": "WEB",
      "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
    },
    {
      "type": "WEB",
      "url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/55082"
    },
    {
      "type": "WEB",
      "url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
    },
    {
      "type": "WEB",
      "url": "http://smartos.org/2012/06/15/smartos-news-3"
    },
    {
      "type": "WEB",
      "url": "http://support.citrix.com/article/CTX133161"
    },
    {
      "type": "WEB",
      "url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2012/dsa-2501"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2012/dsa-2508"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/649219"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-0217 (GCVE-0-2012-0217)

FKIE_CVE-2012-0217

CERTA-2012-AVI-586

Solution

CERTA-2012-AVI-326

Solution

CERTA-2012-AVI-334

Solution

CERTA-2012-AVI-328

Solution

GSD-2012-0217

GHSA-Q644-363Q-JFMM

Tags

Sightings

Nomenclature