CVE-2011-4784 - Vulnerability Details - OpenCVE

The NVIDIA Stereoscopic 3D driver before 7.17.12.7565 does not properly handle commands sent to a named pipe, which allows local users to gain privileges via a crafted application.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Nvidia	Stereoscopic 3d Driver

Configuration 1 [-]

cpe:2.3:a:nvidia:stereoscopic_3d_driver:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://secunia.com/advisories/47324
http://technet.microsoft.com/en-us/security/msvr/msvr11-016
http://www.osvdb.org/77974
http://www.securityfocus.com/bid/51148
https://exchange.xforce.ibmcloud.com/vulnerabilities/71930

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-12-27T02:00:00

Updated: 2024-08-07T00:16:34.924Z

Reserved: 2011-12-13T00:00:00

Link: CVE-2011-4784

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2011-12-27T04:01:39.937

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-4784

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-12-20T00:00:00", "descriptions": [{"lang": "en", "value": "The NVIDIA Stereoscopic 3D driver before 7.17.12.7565 does not properly handle commands sent to a named pipe, which allows local users to gain privileges via a crafted application."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "47324", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47324"}, {"name": "nvidia-driver-command-execution(71930)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71930"}, {"name": "77974", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/77974"}, {"name": "51148", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/51148"}, {"tags": ["x_refsource_MISC"], "url": "http://technet.microsoft.com/en-us/security/msvr/msvr11-016"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-4784", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The NVIDIA Stereoscopic 3D driver before 7.17.12.7565 does not properly handle commands sent to a named pipe, which allows local users to gain privileges via a crafted application."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "47324", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47324"}, {"name": "nvidia-driver-command-execution(71930)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71930"}, {"name": "77974", "refsource": "OSVDB", "url": "http://www.osvdb.org/77974"}, {"name": "51148", "refsource": "BID", "url": "http://www.securityfocus.com/bid/51148"}, {"name": "http://technet.microsoft.com/en-us/security/msvr/msvr11-016", "refsource": "MISC", "url": "http://technet.microsoft.com/en-us/security/msvr/msvr11-016"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:16:34.924Z"}, "title": "CVE Program Container", "references": [{"name": "47324", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/47324"}, {"name": "nvidia-driver-command-execution(71930)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71930"}, {"name": "77974", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/77974"}, {"name": "51148", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/51148"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://technet.microsoft.com/en-us/security/msvr/msvr11-016"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-4784", "datePublished": "2011-12-27T02:00:00", "dateReserved": "2011-12-13T00:00:00", "dateUpdated": "2024-08-07T00:16:34.924Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:stereoscopic_3d_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A0FEFD0-5C7F-45EC-B7C8-91F68EA07A74", "versionEndIncluding": "7.17.12.7536", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The NVIDIA Stereoscopic 3D driver before 7.17.12.7565 does not properly handle commands sent to a named pipe, which allows local users to gain privileges via a crafted application."}, {"lang": "es", "value": "El driver NVIDIA Stereoscopic 3D anterior a v7.17.12.7565 no maneja adecuadamente comandos enviados a una tuber\u00eda (pipe), lo que permite a usuarios locales obtener privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada."}], "id": "CVE-2011-4784", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-12-27T04:01:39.937", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47324"}, {"source": "cve@mitre.org", "url": "http://technet.microsoft.com/en-us/security/msvr/msvr11-016"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/77974"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/51148"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71930"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47324"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://technet.microsoft.com/en-us/security/msvr/msvr11-016"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/77974"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/51148"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71930"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}