| ID |
CVE-2011-4434
|
| Sažetak |
Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 do not properly enforce AppLocker rules, which allows local users to bypass intended access restrictions via a (1) macro or (2) scripting feature in an application, as demonstrated by Microsoft Office applications and the SANDBOX_INERT and LOAD_IGNORE_CODE_AUTHZ_LEVEL flags. |
| Reference |
|
| CVSS |
| Base: | 3.6 |
| Impact: | 4.9 |
| Exploitability: | 3.9 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| LOCAL |
LOW |
NONE |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| NONE |
PARTIAL |
PARTIAL |
|
| CVSS vektor |
AV:L/AC:L/Au:N/C:N/I:P/A:P |
| Zadnje važnije ažuriranje |
28-09-2020 - 12:58 |
| Objavljeno |
11-11-2011 - 21:55 |
