CVE-2011-0037
Microsoft Malware Protection Engine <1.1.6603.0 - Privilege Escalation
Title source: llmDescription
Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key.
References (6)
Core 6
Core References
Vendor Advisory x_refsource_confirm
http://www.microsoft.com/technet/security/advisory/2491888.mspx
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43468
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/46540
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0486
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1025117
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/65626
Scores
EPSS
0.0178
EPSS Percentile
75.7%
Details
CWE
CWE-20
Status
published
Products (9)
microsoft/forefront_client_security
microsoft/forefront_endpoint_protection_2010
microsoft/malicious_software_removal_tool
microsoft/malware_protection_engine
0.1.13.192
microsoft/malware_protection_engine
1.1.3520.0
microsoft/malware_protection_engine
< 1.1.6502.0
microsoft/security_essentials
microsoft/windows_defender
microsoft/windows_live_onecare
Published
Feb 25, 2011
Tracked Since
Feb 18, 2026