MS12-032 MS12-032 - Important : Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338) - Version: 1.1
Version2012-05-09
Severity Rating: Important
Revision Note: V1.1 (May 9, 2012): Corrected mitigating factors for CVE-2012-0174 and CVE-2012-0179 in the Vulnerability Information section.
Summary: This security update resolves one publicly disclosed and one privately reported vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.
Bulletin details at Microsoft.com
Bulletin details at Microsoft.com
Related CVE Entries
Windows Firewall in tcpip.sys in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly enforce firewall rules for outbound broadcast packets, which allows remote attackers to obtain potentially sensitive information by observing broadcast traffic on a local network, aka "Windows Firewall Bypass Vulnerability."
Max CVSS
1.7
EPSS Score
1.11%
Published
2012-05-09
Updated
2018-10-12
Double free vulnerability in tcpip.sys in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that binds an IPv6 address to a local interface, aka "TCP/IP Double Free Vulnerability."
Max CVSS
7.2
EPSS Score
0.04%
Published
2012-05-09
Updated
2018-10-12