VYPR
Unrated severityNVD Advisory· Published Nov 11, 2011· Updated Jun 16, 2026

CVE-2011-4434

CVE-2011-4434

Description

Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 do not properly enforce AppLocker rules, which allows local users to bypass intended access restrictions via a (1) macro or (2) scripting feature in an application, as demonstrated by Microsoft Office applications and the SANDBOX_INERT and LOAD_IGNORE_CODE_AUTHZ_LEVEL flags.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*
    • (no CPE)
  • cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.