Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.2
CVE Id CVE-2005-2827
Last Modified 07 Mar 2011 09:25:05
Published 13 Dec 2005 08:03:00
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-2827

Summary

The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows Kernel Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows NT 4.0


References

BID - 15826

MS - MS05-055

SECUNIA - 15821

XF - win-apc-gain-privileges(23447)

MISC - http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420

VUPEN - ADV-2005-2909

VUPEN - ADV-2005-2868

BUGTRAQ - 20051213 [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability

OSVDB - 18823

EEYE - EEYEB-20051213

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf

SECTRACK - 1015347

SECUNIA - 18311

SECUNIA - 18064

SREASON - 252


Last Updated: 27 May 2016 10:40:39