7.2

CVE-2008-2252

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate parameters sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability."

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftWindows 2000 Version- Updatesp4
MicrosoftWindows Server 2003 Version- Updatesp1
MicrosoftWindows Server 2003 Version- Updatesp1 HwPlatformitanium
MicrosoftWindows Server 2003 Version- Updatesp1 HwPlatformx64
MicrosoftWindows Server 2003 Version- Updatesp2
MicrosoftWindows Server 2008 Version- Editionitanium
MicrosoftWindows Vista Version-
MicrosoftWindows Vista Version- HwPlatformx64
MicrosoftWindows Vista Version- Updatesp1
MicrosoftWindows Vista Version- Updatesp1 HwPlatformx64
MicrosoftWindows Xp Version- HwPlatformx64
MicrosoftWindows Xp Version- Updatesp2
MicrosoftWindows Xp Version- Updatesp2 HwPlatformx64
MicrosoftWindows Xp Version- Updatesp3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.05% 0.769
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
http://marc.info/?l=bugtraq&m=122479227205998&w=2
Third Party Advisory
Mailing List
http://www.us-cert.gov/cas/techalerts/TA08-288A.html
Third Party Advisory
US Government Resource
http://www.securitytracker.com/id?1021046
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/31652
Patch
Third Party Advisory
VDB Entry