VYPR
← All advisories
High severity8.4NVD Advisory· Published Mar 13, 2012· Updated Apr 29, 2026

CVE-2012-0157

CVE-2012-0157

Description

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle window messaging, which allows local users to gain privileges via a crafted application that calls the PostMessage function, aka "PostMessage Function Vulnerability."

Affected products

13
  • Microsoft/Windows 74 versions
    cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*+ 3 more
    • cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_7:*:*:x86:*:*:*:*:*
  • Microsoft/Windows Server 2003
    cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
  • Microsoft/Windows Server 20085 versions
    cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*+ 4 more
    • cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*
  • Microsoft/Windows Vista
    cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
  • Microsoft/Windows Xp2 versions
    cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.