Vulnerability Details : CVE-2011-4784
The NVIDIA Stereoscopic 3D driver before 7.17.12.7565 does not properly handle commands sent to a named pipe, which allows local users to gain privileges via a crafted application.
Vulnerability category: Input validation
Exploit prediction scoring system (EPSS) score for CVE-2011-4784
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-4784
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2011-4784
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-4784
-
http://technet.microsoft.com/en-us/security/msvr/msvr11-016
Microsoft Vulnerability Research Advisory MSVR11-016 | Microsoft Docs
-
http://www.securityfocus.com/bid/51148
NVIDIA Stereoscopic 3D Driver CVE-2011-4784 Local Privilege Escalation Vulnerability
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/71930
NVIDIA Stereoscopic 3D Driver command execution CVE-2011-4784 Vulnerability Report
Products affected by CVE-2011-4784
- cpe:2.3:a:nvidia:stereoscopic_3d_driver:*:*:*:*:*:*:*:*