CVE-2011-1229

Name: CVE-2011-1229
Creator: NVD / NIST
Published: 2011-04-13T20:26:25.25+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.47%

Last modified Jun 16, 2026

CVE-2011-1229 is a vulnerability of currently unknown severity. win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability.". EPSS estimates a 1.47% chance of exploitation in the next 30 days.

Description

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

Metrics

EPSS Probability

1.47%

70.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-476

Affected Software

Vendor	Product	Versions	Update
Microsoft	Windows 2003 Server	All versions	Sp2
Microsoft	Windows 7	All versions	—
Microsoft	Windows Server 2003	All versions	Sp2
Microsoft	Windows Server 2008	All versions	—
Microsoft	Windows Server 2008	r2	—
Microsoft	Windows Vista	All versions	Sp1
Microsoft	Windows Xp	All versions	Sp2
Avaya	Agent Access	All versions	—
Avaya	Aura Conferencing Standard Edition	6.0.0	—
Avaya	Basic Call Management System Reporting Desktop	All versions	—
Avaya	Call Management Server Supervisor	All versions	—
Avaya	Callpilot	>= 4.0.x, <= 5.0.x	—
Avaya	Callvisor Asai Lan	All versions	—
Avaya	Communication Server 1000 Telephony Manager	>= 3.0.0, <= 4.0.0	—
Avaya	Computer Telephony	All versions	—
Avaya	Contact Center Express	All versions	—
Avaya	Customer Interaction Express	All versions	—
Avaya	Enterprise Manager	All versions	—
Avaya	Integrated Management	All versions	—
Avaya	Interaction Center	All versions	—
Avaya	Ip Agent	All versions	—
Avaya	Ip Softphone	All versions	—
Avaya	Meeting Exchange	>= 5.0.0, <= 5.2.0	—
Avaya	Messaging Application Server	>= 4.0.x, <= 5.2.x	—
Avaya	Network Reporting	All versions	—
Avaya	Octelaccess Server	All versions	—
Avaya	Octeldesigner	All versions	—
Avaya	Operational Analyst	All versions	—
Avaya	Outbound Contact Management	All versions	—
Avaya	Speech Access	All versions	—
Avaya	Unified Communication Center	All versions	—
Avaya	Unified Messenger	All versions	—
Avaya	Visual Messenger	All versions	—
Avaya	Visual Vector Client	All versions	—
Avaya	Vpnmanager Console	All versions	—
Avaya	Web Messenger	All versions	—

References

http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspxVendor Advisory
http://osvdb.org/71735Broken Link
http://secunia.com/advisories/44156Third Party Advisory
http://support.avaya.com/css/P8/documents/100133352Third Party Advisory
http://www.securityfocus.com/bid/47229Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1025345Third Party Advisory, VDB Entry
http://www.us-cert.gov/cas/techalerts/TA11-102A.htmlThird Party Advisory, US Government Resource
http://www.vupen.com/english/advisories/2011/0952Broken Link
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/66411VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503Third Party Advisory
http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspxVendor Advisory
http://osvdb.org/71735Broken Link
http://secunia.com/advisories/44156Third Party Advisory
http://support.avaya.com/css/P8/documents/100133352Third Party Advisory
http://www.securityfocus.com/bid/47229Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1025345Third Party Advisory, VDB Entry
http://www.us-cert.gov/cas/techalerts/TA11-102A.htmlThird Party Advisory, US Government Resource
http://www.vupen.com/english/advisories/2011/0952Broken Link
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/66411VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503Third Party Advisory

Timeline

Published: Apr 13, 2011
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2011-1229?

How severe is CVE-2011-1229?

Severity scoring for CVE-2011-1229 is pending analysis. The EPSS model estimates a 1.47% probability of exploitation in the next 30 days.

How do I fix CVE-2011-1229?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2011-1229?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST