QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2011-4434

Back to search

CVE-2011-4434

Published: Nov 11, 2011

Modified: Sep 16, 2024

PUBLISHED

Description

Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 do not properly enforce AppLocker rules, which allows local users to bypass intended access restrictions via a (1) macro or (2) scripting feature in an application, as demonstrated by Microsoft Office applications and the SANDBOX_INERT and LOAD_IGNORE_CODE_AUTHZ_LEVEL flags.

VendorProductVersions

n/a

n/a

affected
n/a

References

2532445
vendor-advisory
x_refsource_MSKB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now