CVE-2011-0090

Published: Feb 9, 2011Modified: Apr 29, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability."

Affected (18)

Products: Microsoft: Windows 2003 Server, Windows 7, Windows Server 2003, Windows Server 2008, Windows Vista, Windows Xp

6 products

Configuration A

18 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 2003 Server	All versions
Microsoft Windows 2003 Server	All versions
Microsoft Windows 7	All versions
Microsoft Windows 7	All versions
Microsoft Windows Server 2003	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Vista	All versions
Microsoft Windows Vista	All versions
Microsoft Windows Vista	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions