Privilege escalation in Windows and Windows Server

#VU1377 Privilege escalation in Windows and Windows Server

Published: 2020-03-18

Vulnerability identifier: #VU1377

Vulnerability risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2007-1212

CWE-ID: CWE-119

Exploitation vector: Local

Exploit availability: Yes

Vulnerable software:
Windows
Operating systems & Components / Operating system
Windows Server
Operating systems & Components / Operating system

Vendor: Microsoft

Description

The vulnerability allows a local attacker to obtain elevated privileges on vulnerable system.

The vulnerability exists in Graphics Rendering Engine when processing Enhanced Metafile (EMF) image format files. A local user create a specially crafted EMF file and execute arbitrary code on vulnerable system with elevated privileges.

Successful exploitation of this vulnerability may allow a local user to obtain full access to vulnerable system.

Mitigation
Install the following updates from Microsoft website:

Microsoft Windows 2000 Service Pack 4 — Download the update
Microsoft Windows XP Service Pack 2 — Download the update
Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2 — Download the update
Microsoft Windows Server 2003, Microsoft Windows Server 2003 Service Pack 1, and Microsoft Windows Server 2003 Service Pack 2 — Download the update
Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems — Download the update
Microsoft Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2 — Download the update
Windows Vista — Download the update
Windows Vista x64 Edition — Download the update

Vulnerable software versions

Windows: 2000, XP, Vista

Windows Server: 2003

External links
http://technet.microsoft.com/en-us/library/security/ms07-017.aspx

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Multiple privilege escalation vulnerabilities in Microsoft Windows