Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3209

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2006-3209
Last Modified 05 Sep 2008 05:06:30
Published 23 Jun 2006 09:06:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-3209

Summary

** DISPUTED ** The Task scheduler (at.exe) on Microsoft Windows XP spawns each scheduled process with SYSTEM permissions, which allows local users to gain privileges. NOTE: this issue has been disputed by third parties, who state that the Task scheduler is limited to the Administrators group by default upon installation.

Vulnerable Systems

Operating System

  • Microsoft Windows Xp


References

BUGTRAQ - 20060612 Re: Windows XP Task Scheduler Local Privilege Escalation (Advisory)

BUGTRAQ - 20060612 Windows XP Task Scheduler Local Privilege Escalation (Advisory)

SREASON - 1137


Last Updated: 27 May 2016 10:42:54