CVE-2009-1123
HIGH
7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
HIGH
7,2
Source: [email protected]
Access Vector: local
Access Complexity: low
Authentication: none
Confidentiality: complete
Integrity: complete
Availability: complete
Description
AI Translation Available
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka 'Windows Kernel Desktop Vulnerability.'
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0430
Percentile
0,9th
Updated
EPSS Score Trend (Last 91 Days)
Operating System
Windows Server 2003 by Microsoft
CPE Identifier
View Detailed Analysis
cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Windows Vista by Microsoft
CPE Identifier
View Detailed Analysis
cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Windows Server 2008 by Microsoft
CPE Identifier
View Detailed Analysis
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Windows Xp by Microsoft
CPE Identifier
View Detailed Analysis
cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Windows Xp by Microsoft
CPE Identifier
View Detailed Analysis
cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:-:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Windows Vista by Microsoft
CPE Identifier
View Detailed Analysis
cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Windows Xp by Microsoft
CPE Identifier
View Detailed Analysis
cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Windows 2000 by Microsoft
CPE Identifier
View Detailed Analysis
cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009…
http://osvdb.org/54940
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-0…
http://secunia.com/advisories/35372
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%…
http://www.securitytracker.com/id?1022359
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
http://www.vupen.com/english/advisories/2009/1544
http://osvdb.org/54940
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-0…
http://secunia.com/advisories/35372
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%…
http://www.securitytracker.com/id?1022359
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
http://www.vupen.com/english/advisories/2009/1544