CVE-2014-4971

Name of the Vulnerable Software and Affected Versions Microsoft Windows XP SP3

Description The issue allows local users to gain privileges by writing data to arbitrary memory locations via a crafted address in an IOCTL call. This is related to the MQAC.sys driver in the MQ Access Control subsystem and the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem. The vulnerability also exists in the Microsoft Message Queuing (MSMQ) service, which could allow an attacker to elevate privileges on the targeted system.

Recommendations For Microsoft Windows XP SP3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.