nvd-json-data-feeds/CVE-2011/CVE-2011-00xx/CVE-2011-0037.json

{
  "id": "CVE-2011-0037",
  "sourceIdentifier": "secure@microsoft.com",
  "published": "2011-02-25T18:00:01.213",
  "lastModified": "2017-08-17T01:33:23.493",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key."
    },
    {
      "lang": "es",
      "value": "Microsoft Malware Protection Engine anterior a v1.1.6603.0, tal como se utiliz\u00f3 en Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, y Windows Live OneCare, permite a usuarios locales conseguir privilegios a trav\u00e9s de un valor manipulado de una clave de registro de usuario sin especificar"
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "accessVector": "LOCAL",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:forefront_client_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "769D4056-0E25-4A0A-B0E7-265AC188053A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:forefront_endpoint_protection_2010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43383FAA-0CD9-4D86-B957-814FE226D1E4"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:malicious_software_removal_tool:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEAB4CCB-8116-45EC-A261-D16A168C7198"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "1.1.6502.0",
              "matchCriteriaId": "F718BB5E-D0EA-497D-9085-C4462C029E37"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:malware_protection_engine:0.1.13.192:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CEA6F8E-1A38-47FC-891C-326EAA8A9F6B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:malware_protection_engine:1.1.3520.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6EFC0F5-EB5E-4D34-9B8B-5C60CCC32D70"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:security_essentials:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3151D41-960B-4A4B-8585-07B1DCFEA454"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:windows_defender:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A458632B-D1AE-4643-A8F0-4295B506E341"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:windows_live_onecare:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4109D8E8-A385-4098-A983-FCF5F69CCD1F"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://securitytracker.com/id?1025117",
      "source": "secure@microsoft.com"
    },
    {
      "url": "http://www.microsoft.com/technet/security/advisory/2491888.mspx",
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/46540",
      "source": "secure@microsoft.com"
    },
    {
      "url": "http://www.vupen.com/english/advisories/2011/0486",
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65626",
      "source": "secure@microsoft.com"
    }
  ]
}