CVE-2011-2014
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2011-2014
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The LDAP over SSL (aka LDAPS) implementation in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not examine Certificate Revocation Lists (CRLs), which allows remote authenticated users to bypass intended certificate restrictions and access Active Directory resources by leveraging a revoked X.509 certificate for a domain account, aka "LDAPS Authentication Bypass Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Windows 特权提升漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Windows Vista是是美国微软(Microsoft)公司发布的一套操作系统。 Microsoft Windows的Active Directory 中存在一个特权提升漏洞。攻击者可以通过使用以前吊销的证书向 Active Directory 域执行身份验证来利用此漏洞,并获取对网络资源的访问权限,或者使用证书与之相关联的特定授权用户的权限运行代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2011-2014
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2011-2014
Please Login to view more intelligence information
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-086vendor-advisoryx_refsource_MS
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13278vdb-entrysignaturex_refsource_OVAL
- https://nvd.nist.gov/vuln/detail/CVE-2011-2014
Same Patch Batch · n/a · 2011-11-08 · 11 CVEs total
| CVE-2011-2446 | Adobe Shockwave Player ‘DIRapi’库任意代码执行漏洞 | |
| CVE-2011-2447 | Adobe Shockwave Player 任意代码执行漏洞 | |
| CVE-2011-2448 | Adobe Shockwave Player ‘DIRapi’库任意代码执行漏洞 | |
| CVE-2011-2449 | Adobe Shockwave Player ‘TextXtra’ 模块任意代码执行漏洞 | |
| CVE-2011-4000 | ChaSen 缓冲区溢出漏洞 | |
| CVE-2011-2004 | Microsoft Windows 内核拒绝服务漏洞 | |
| CVE-2011-2013 | Windows TCP/IP 远程执行代码漏洞 | |
| CVE-2011-2016 | Microsoft Windows 远程执行代码漏洞 | |
| CVE-2011-3607 | Apache HTTP Server ‘ap_pregsub()’函数本地权限提升漏洞 | |
| CVE-2011-4415 | Apache HTTP Server ‘server/util.c’ 输入验证漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out- - CVE-2026-8187
Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption - CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM
V. Comments for CVE-2011-2014
No comments yet