Unrated severityNVD Advisory· Published Apr 13, 2011· Updated Apr 29, 2026

CVE-2011-1229

Description

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

Affected products

Avaya/Agent Access
cpe:2.3:a:avaya:agent_access:*:*:*:*:*:*:*:*
Avaya/Aura Conferencing Standard Edition
cpe:2.3:a:avaya:aura_conferencing_standard_edition:6.0.0:*:*:*:*:*:*:*
Avaya/Basic Call Management System Reporting Desktop
cpe:2.3:a:avaya:basic_call_management_system_reporting_desktop:*:*:*:*:*:*:*:*
Avaya/Call Management Server Supervisor
cpe:2.3:a:avaya:call_management_server_supervisor:*:*:*:*:*:*:*:*
Avaya/Callpilot
cpe:2.3:a:avaya:callpilot:*:*:*:*:*:*:*:*
Range: >=4.0.x,<=5.0.x
Avaya/Callvisor Asai Lan
cpe:2.3:a:avaya:callvisor_asai_lan:*:*:*:*:*:*:*:*
Avaya/Communication Server 1000 Telephony Manager
cpe:2.3:a:avaya:communication_server_1000_telephony_manager:*:*:*:*:*:*:*:*
Range: >=3.0.0,<=4.0.0
Avaya/Computer Telephony
cpe:2.3:a:avaya:computer_telephony:*:*:*:*:*:*:*:*
Avaya/Contact Center Express
cpe:2.3:a:avaya:contact_center_express:*:*:*:*:*:*:*:*
Avaya/Customer Interaction Express
cpe:2.3:a:avaya:customer_interaction_express:*:*:*:*:*:*:*:*
Avaya/Enterprise Manager
cpe:2.3:a:avaya:enterprise_manager:*:*:*:*:*:*:*:*
Avaya/Integrated Management
cpe:2.3:a:avaya:integrated_management:*:*:*:*:*:*:*:*
Avaya/Interaction Center
cpe:2.3:a:avaya:interaction_center:*:*:*:*:*:*:*:*
Avaya/Ip Agent
cpe:2.3:a:avaya:ip_agent:*:*:*:*:*:*:*:*
Avaya/Ip Softphone
cpe:2.3:a:avaya:ip_softphone:*:*:*:*:*:*:*:*
Avaya/Meeting Exchange
cpe:2.3:a:avaya:meeting_exchange:*:*:*:*:*:*:*:*
Range: >=5.0.0,<=5.2.0
Avaya/Messaging Application Server
cpe:2.3:a:avaya:messaging_application_server:*:*:*:*:*:*:*:*
Range: >=4.0.x,<=5.2.x
Avaya/Network Reporting
cpe:2.3:a:avaya:network_reporting:*:*:*:*:*:*:*:*
Avaya/Octelaccess Server
cpe:2.3:a:avaya:octelaccess_server:*:*:*:*:*:*:*:*
Avaya/Octeldesigner
cpe:2.3:a:avaya:octeldesigner:*:*:*:*:*:*:*:*
Avaya/Operational Analyst
cpe:2.3:a:avaya:operational_analyst:*:*:*:*:*:*:*:*
Avaya/Outbound Contact Management
cpe:2.3:a:avaya:outbound_contact_management:*:*:*:*:*:*:*:*
Avaya/Speech Access
cpe:2.3:a:avaya:speech_access:*:*:*:*:*:*:*:*
Avaya/Unified Communication Center
cpe:2.3:a:avaya:unified_communication_center:*:*:*:*:*:*:*:*
Avaya/Unified Messenger
cpe:2.3:a:avaya:unified_messenger:*:*:*:*:*:*:*:*
Avaya/Visual Messenger
cpe:2.3:a:avaya:visual_messenger:*:*:*:*:*:*:*:*
Avaya/Visual Vector Client
cpe:2.3:a:avaya:visual_vector_client:*:*:*:*:*:*:*:*
Avaya/Vpnmanager Console
cpe:2.3:a:avaya:vpnmanager_console:*:*:*:*:*:*:*:*
Avaya/Web Messenger
cpe:2.3:a:avaya:web_messenger:*:*:*:*:*:*:*:*
Microsoft/Windows 2003 Server
cpe:2.3:o:microsoft:windows_2003_server:-:sp2:*:*:*:*:*:*
Microsoft/Windows 72 versions
cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
Microsoft/Windows Server 2003
cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*
Microsoft/Windows Server 20086 versions
cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
- cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*
- cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
Microsoft/Windows Vista4 versions
cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:x64:*
- cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:x64:*
Microsoft/Windows Xp2 versions
cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:x64:*+ 1 more
- cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:x64:*
- cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034nvdPatchVendor Advisory
blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspxnvdVendor Advisory
secunia.com/advisories/44156nvdThird Party Advisory
support.avaya.com/css/P8/documents/100133352nvdThird Party Advisory
www.securityfocus.com/bid/47229nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
www.us-cert.gov/cas/techalerts/TA11-102A.htmlnvdThird Party AdvisoryUS Government Resource
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503nvdThird Party Advisory
osvdb.org/71735nvdBroken Link
www.vupen.com/english/advisories/2011/0952nvdBroken Link
exchange.xforce.ibmcloud.com/vulnerabilities/66411nvdVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000