Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows kernel multiple privilege escalation
Published:10.06.2009
Source:
SecurityVulns ID:9982
Type:local
Threat Level:
6/10
Description:Multiple vulnerabilities in different subsystems.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-1126 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly validate the user-mode input associated with the editing of an unspecified desktop parameter, which allows local users to gain privileges via a crafted application, aka "Windows Desktop Parameter Edit Vulnerability.")
 CVE-2009-1125 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application, aka "Windows Driver Class Registration Vulnerability.")
 CVE-2009-1124 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate user-mode pointers in unspecified error conditions, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Pointer Validation Vulnerability.")
 CVE-2009-1123 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Desktop Vulnerability.")
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS09-025 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (968537) (10.06.2009)
Files:Microsoft Security Bulletin MS09-025 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (968537)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod