CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
19.5%
Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key.
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | forefront_client_security | * | cpe:2.3:a:microsoft:forefront_client_security:*:*:*:*:*:*:*:* |
microsoft | forefront_endpoint_protection_2010 | - | cpe:2.3:a:microsoft:forefront_endpoint_protection_2010:-:*:*:*:*:*:*:* |
microsoft | malicious_software_removal_tool | * | cpe:2.3:a:microsoft:malicious_software_removal_tool:*:*:*:*:*:*:*:* |
microsoft | malware_protection_engine | * | cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:* |
microsoft | malware_protection_engine | 0.1.13.192 | cpe:2.3:a:microsoft:malware_protection_engine:0.1.13.192:*:*:*:*:*:*:* |
microsoft | malware_protection_engine | 1.1.3520.0 | cpe:2.3:a:microsoft:malware_protection_engine:1.1.3520.0:*:*:*:*:*:*:* |
microsoft | security_essentials | * | cpe:2.3:a:microsoft:security_essentials:*:*:*:*:*:*:*:* |
microsoft | windows_defender | * | cpe:2.3:a:microsoft:windows_defender:*:*:*:*:*:*:*:* |
microsoft | windows_live_onecare | * | cpe:2.3:a:microsoft:windows_live_onecare:*:*:*:*:*:*:*:* |