Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2011-1229

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

Security Impact Summary

CVE-2011-1229 is a security vulnerability that . Impacting 35 products from microsoft, from microsoft, from microsoft and 32 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Documented in 2011, this vulnerability occurred amid the cloud computing expansion era, where traditional network perimeter security models were being reevaluated. Organizations were transitioning from isolated infrastructure to interconnected systems, creating new attack surfaces that vulnerabilities like this could exploit.

Published

2011-04-13T20:26:25.250

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.2 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

3.9

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-476
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System microsoft windows_2003_server - Yes
Operating System microsoft windows_7 - Yes
Operating System microsoft windows_7 - Yes
Operating System microsoft windows_server_2003 - Yes
Operating System microsoft windows_server_2008 - Yes
Operating System microsoft windows_server_2008 - Yes
Operating System microsoft windows_server_2008 r2 Yes
Operating System microsoft windows_server_2008 r2 Yes
Operating System microsoft windows_server_2008 r2 Yes
Operating System microsoft windows_server_2008 r2 Yes
Operating System microsoft windows_vista - Yes
Operating System microsoft windows_vista - Yes
Operating System microsoft windows_vista - Yes
Operating System microsoft windows_vista - Yes
Operating System microsoft windows_xp - Yes
Operating System microsoft windows_xp - Yes
Application avaya agent_access * Yes
Application avaya aura_conferencing_standard_edition 6.0.0 Yes
Application avaya basic_call_management_system_reporting_desktop * Yes
Application avaya call_management_server_supervisor * Yes
Application avaya callpilot ≤ 5.0.x Yes
Application avaya callvisor_asai_lan * Yes
Application avaya communication_server_1000_telephony_manager ≤ 4.0.0 Yes
Application avaya computer_telephony * Yes
Application avaya contact_center_express * Yes
Application avaya customer_interaction_express * Yes
Application avaya enterprise_manager * Yes
Application avaya integrated_management * Yes
Application avaya interaction_center * Yes
Application avaya ip_agent * Yes
Application avaya ip_softphone * Yes
Application avaya meeting_exchange ≤ 5.2.0 Yes
Application avaya messaging_application_server ≤ 5.2.x Yes
Application avaya network_reporting * Yes
Application avaya octelaccess_server * Yes
Application avaya octeldesigner * Yes
Application avaya operational_analyst * Yes
Application avaya outbound_contact_management * Yes
Application avaya speech_access * Yes
Application avaya unified_communication_center * Yes
Application avaya unified_messenger * Yes
Application avaya visual_messenger * Yes
Application avaya visual_vector_client * Yes
Application avaya vpnmanager_console * Yes
Application avaya web_messenger * Yes
References

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For microsoft's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.