MS11-070 MS11-070 - Important : Vulnerability in WINS Could Allow Elevation of Privilege (2571621) - Version: 1.0
Version2011-09-13
Severity Rating: Important
Revision Note: V1.0 (September 13, 2011): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS). The vulnerability could allow elevation of privilege if a user received a specially crafted WINS replication packet on an affected system running the WINS service. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
Bulletin details at Microsoft.com
Bulletin details at Microsoft.com
Related CVE Entries
WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 allows local users to gain privileges by sending crafted packets over the loopback interface, aka "WINS Local Elevation of Privilege Vulnerability."
Max CVSS
7.2
EPSS Score
0.05%
Published
2011-09-15
Updated
2020-09-28