CVE-2012-0217 (CNNVD-201206-156)
HIGH
有利用代码
中文标题:
Microsoft Windows Server ‘User Mode Scheduler’ 缓冲区错误漏洞
英文标题:
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6....
CVSS分数:
7.2
发布时间:
2012-06-12 22:00:00
漏洞类型:
缓冲区错误
状态:
PUBLISHED
数据质量分数:
0.40
数据版本:
v6
漏洞描述
中文描述:
Microsoft Windows Server 2008是美国微软(Microsoft)公司的一套服务器操作系统。 基于x64平台的Microsoft Windows Server 2008 R2和R2 SP1版本,Windows 7 Gold和SP1版本中的内核中的User Mode Scheduler中存在漏洞,该漏洞源于未正确处理系统请求。本地用户可利用该漏洞通过特制的应用程序获取权限。也称“用户模式任务调度器内存破坏漏洞”。
英文描述:
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
CWE类型:
CWE-119
标签:
local
windows_x86-64
Shahriyar Jalayeri
OSVDB-82850
MS12-042
freebsd
CurcolHekerLink
OSVDB-82949
freebsd_x86-64
Metasploit
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| freebsd | freebsd | * | - | - |
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
|
| illumos | illumos | * | - | - |
cpe:2.3:o:illumos:illumos:*:*:*:*:*:*:*:*
|
| joyent | smartos | * | - | - |
cpe:2.3:o:joyent:smartos:*:*:*:*:*:*:*:*
|
| xen | xen | * | - | - |
cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*
|
| xen | xen | 4.0.0 | - | - |
cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*
|
| xen | xen | 4.0.1 | - | - |
cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*
|
| xen | xen | 4.0.2 | - | - |
cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*
|
| xen | xen | 4.0.3 | - | - |
cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*
|
| xen | xen | 4.0.4 | - | - |
cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*
|
| xen | xen | 4.1.0 | - | - |
cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*
|
| xen | xen | 4.1.1 | - | - |
cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*
|
| microsoft | windows_7 | * | - | - |
cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*
|
| microsoft | windows_server_2003 | * | - | - |
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
|
| microsoft | windows_server_2008 | r2 | - | - |
cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*
|
| microsoft | windows_xp | * | - | - |
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
|
| citrix | xenserver | * | - | - |
cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*
|
| citrix | xenserver | 6.0 | - | - |
cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*
|
| netbsd | netbsd | * | - | - |
cpe:2.3:o:netbsd:netbsd:*:beta:*:*:*:*:*:*
|
| sun | sunos | * | - | - |
cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
55082
third-party-advisory
cve.org
访问
cve.org
TA12-164A
third-party-advisory
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
MS12-042
vendor-advisory
cve.org
访问
cve.org
28718
exploit
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
NetBSD-SA2012-003
vendor-advisory
cve.org
访问
cve.org
GLSA-201309-24
vendor-advisory
cve.org
访问
cve.org
oval:org.mitre.oval:def:15596
vdb-entry
cve.org
访问
cve.org
DSA-2501
vendor-advisory
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217
mailing-list
cve.org
访问
cve.org
DSA-2508
vendor-advisory
cve.org
访问
cve.org
[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation
mailing-list
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
46508
exploit
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
VU#649219
third-party-advisory
cve.org
访问
cve.org
MDVSA-2013:150
vendor-advisory
cve.org
访问
cve.org
FreeBSD-SA-12:04
vendor-advisory
cve.org
访问
cve.org
ExploitDB EDB-20861
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-20861
EXPLOIT
exploitdb
访问
exploitdb
CVE Reference: CVE-2012-0217
ADVISORY
cve.org
访问
cve.org
ExploitDB EDB-28718
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-28718
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-46508
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-46508
EXPLOIT
exploitdb
访问
exploitdb
CVSS评分详情
7.2
HIGH
CVSS向量:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS版本:
2.0
机密性
COMPLETE
完整性
COMPLETE
可用性
COMPLETE
时间信息
发布时间:
2012-06-12 22:00:00
修改时间:
2024-08-06 18:16:19
创建时间:
2025-11-11 15:33:20
更新时间:
2025-11-11 16:50:44
利用信息
此漏洞有可利用代码!
利用代码数量:
3
利用来源:
未知
未知
未知
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2012-0217 |
2025-11-11 15:18:26 | 2025-11-11 07:33:20 |
| NVD | nvd_CVE-2012-0217 |
2025-11-11 14:53:57 | 2025-11-11 07:42:09 |
| CNNVD | cnnvd_CNNVD-201206-156 |
2025-11-11 15:09:16 | 2025-11-11 07:50:08 |
| EXPLOITDB | exploitdb_EDB-20861 |
2025-11-11 15:05:59 | 2025-11-11 08:15:55 |
| EXPLOITDB | exploitdb_EDB-28718 |
2025-11-11 15:05:21 | 2025-11-11 08:24:23 |
| EXPLOITDB | exploitdb_EDB-46508 |
2025-11-11 15:05:21 | 2025-11-11 08:50:44 |
版本与语言
当前版本:
v6
主要语言:
EN
支持语言:
EN
ZH
其他标识符:
:
:
:
:
:
:
安全公告
暂无安全公告信息
变更历史
v6
EXPLOITDB
2025-11-11 16:50:44
references_count: 28 → 30; tags_count: 8 → 10
查看详细变更
- references_count: 28 -> 30
- tags_count: 8 -> 10
v5
EXPLOITDB
2025-11-11 16:24:23
references_count: 26 → 28; tags_count: 5 → 8
查看详细变更
- references_count: 26 -> 28
- tags_count: 5 -> 8
v4
EXPLOITDB
2025-11-11 16:15:55
references_count: 23 → 26; tags_count: 0 → 5; data_sources: ['cnnvd', 'cve', 'nvd'] → ['cnnvd', 'cve', 'exploitdb', 'nvd']
查看详细变更
- references_count: 23 -> 26
- tags_count: 0 -> 5
- data_sources: ['cnnvd', 'cve', 'nvd'] -> ['cnnvd', 'cve', 'exploitdb', 'nvd']
v3
CNNVD
2025-11-11 15:50:08
vulnerability_type: 未提取 → 缓冲区错误; cnnvd_id: 未提取 → CNNVD-201206-156; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
- vulnerability_type: 未提取 -> 缓冲区错误
- cnnvd_id: 未提取 -> CNNVD-201206-156
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2
NVD
2025-11-11 15:42:09
severity: SeverityLevel.MEDIUM → SeverityLevel.HIGH; cvss_score: 未提取 → 7.2; cvss_vector: NOT_EXTRACTED → AV:L/AC:L/Au:N/C:C/I:C/A:C; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 19; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
- severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
- cvss_score: 未提取 -> 7.2
- cvss_vector: NOT_EXTRACTED -> AV:L/AC:L/Au:N/C:C/I:C/A:C
- cvss_version: NOT_EXTRACTED -> 2.0
- affected_products_count: 0 -> 19
- data_sources: ['cve'] -> ['cve', 'nvd']