A vulnerability exists within an undocumented Windows XP function, NtUserLoadKeyboardLayoutEx, as a result of an incomplete patch for CVE-2012-0181 on Windows XP in Microsoft Security Bulletin MS12-034. The patch issued within MS12-034 inhibits the loading of arbitrary keyboard layout files, but fails to validate the "offTable" parameter to NtUserLoadKeyboardLayoutEx() within win32k.sys.
Release Date 2012-18-05
Severity: Medium
Impact
· Local elevation of privileges to kernel context
Software:
· Microsoft Windows XP SP3
CVE Reference(s)
CVE-2012-0181
Description
Local attackers who successfully exploit this vulnerability will be able to execute code on the vulnerable system with LocalSystem rights. This would lead to a complete system compromise, giving attackers full control of the system.
Solution
No known mitigation exists.
Original Advisory
Microsoft
NOTE:The Information provided is on "as is" basis, without assurance of any kind.