CVE-2009-1123
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Desktop Vulnerability."
Published
2009-06-10T18:30:00.327
Last Modified
2025-04-09T00:30:58.490
Status
Deferred
Source
[email protected]
Severity
CVSSv3.1: 7.8 (HIGH)
CVSSv2 Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
- Access Vector: LOCAL
- Access Complexity: LOW
- Authentication: NONE
- Confidentiality Impact: COMPLETE
- Integrity Impact: COMPLETE
- Availability Impact: COMPLETE
Exploitability Score
3.9
Impact Score
10.0
Weaknesses
-
Type: Primary
NVD-CWE-noinfo
Affected Vendors & Products
References
-
http://osvdb.org/54940
Broken Link
([email protected])
-
http://secunia.com/advisories/35372
Broken Link
([email protected])
-
http://www.securitytracker.com/id?1022359
Broken Link, Third Party Advisory, VDB Entry
([email protected])
-
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
Broken Link, Third Party Advisory, US Government Resource
([email protected])
-
http://www.vupen.com/english/advisories/2009/1544
Broken Link
([email protected])
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-025
Patch, Vendor Advisory
([email protected])
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6206
Broken Link
([email protected])
-
http://osvdb.org/54940
Broken Link
(af854a3a-2127-422b-91ae-364da2661108)
-
http://secunia.com/advisories/35372
Broken Link
(af854a3a-2127-422b-91ae-364da2661108)
-
http://www.securitytracker.com/id?1022359
Broken Link, Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
Broken Link, Third Party Advisory, US Government Resource
(af854a3a-2127-422b-91ae-364da2661108)
-
http://www.vupen.com/english/advisories/2009/1544
Broken Link
(af854a3a-2127-422b-91ae-364da2661108)
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-025
Patch, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6206
Broken Link
(af854a3a-2127-422b-91ae-364da2661108)