Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1124

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2009-1124
Last Modified 21 Aug 2010 01:31:30
Published 10 Jun 2009 02:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2009-1124

Summary

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate user-mode pointers in unspecified error conditions, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Pointer Validation Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows Server 2003

  • Microsoft Windows Server 2008

  • Microsoft Windows Server 2008 Sp2

  • Microsoft Windows Vista

  • Microsoft Windows Vista Gold

  • Microsoft Windows Xp


References

CERT - TA09-160A

MS - MS09-025

VUPEN - ADV-2009-1544

SECTRACK - 1022359

BID - 35238

SECUNIA - 35372

OSVDB - 54941


Last Updated: 27 May 2016 10:50:28