6.9

CVE-2009-0079

EPSS 0.65%
Veröffentlicht 15.04.2009 08:00:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows RPCSS Service Isolation Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Windows Server 2003

Microsoft ≫ Windows Server 2003 Updatesp1

Microsoft ≫ Windows Server 2003 Updatesp1 Editionitanium

Microsoft ≫ Windows Server 2003 Updatesp2

Microsoft ≫ Windows Xp Editionpro_x64

Microsoft ≫ Windows Xp Updatesp2

Microsoft ≫ Windows Xp Updatesp2 Editionpro_x64

Microsoft ≫ Windows Xp Updatesp3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.65%	0.699

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

http://www.us-cert.gov/cas/techalerts/TA09-104A.html

US Government Resource

http://www.vupen.com/english/advisories/2009/1026

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012

http://www.securitytracker.com/id?1022044

http://osvdb.org/53667

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6147

https://nvd.nist.gov/vuln/detail/CVE-2009-0079

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-0079

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-0079

EUVD