Description
WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 allows local users to gain privileges by sending crafted packets over the loopback interface, aka "WINS Local Elevation of Privilege Vulnerability."
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Core Security · textdoswindows
https://www.exploit-db.com/exploits/17831
References (4)
Core 4
Core References
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/8378
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12634
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-070
US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA11-256A.html
Scores
EPSS
0.2192
EPSS Percentile
95.8%
Details
CWE
CWE-264
Status
published
Products (4)
microsoft/windows_2003_server
microsoft/windows_server_2003
microsoft/windows_server_2008
(2 CPE variants)
microsoft/windows_server_2008
r2
Published
Sep 15, 2011
Tracked Since
Feb 18, 2026