10
CVE-2009-0568
- EPSS 58.35%
- Published 10.06.2009 18:00:00
- Last modified 09.04.2025 00:30:58
- Source secure@microsoft.com
- Teams watchlist Login
- Open Login
The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly maintain its internal state, which allows remote attackers to overwrite arbitrary memory locations via a crafted RPC message that triggers incorrect pointer reading, related to "IDL interfaces containing a non-conformant varying array" and FC_SMVARRAY, FC_LGVARRAY, FC_VARIABLE_REPEAT, and FC_VARIABLE_OFFSET, aka "RPC Marshalling Engine Vulnerability."
Data is provided by the National Vulnerability Database (NVD)
Microsoft ≫ Windows 2000 Updatesp4
Microsoft ≫ Windows 2003 Server Updatesp2
Microsoft ≫ Windows 2003 Server Updatesp2 HwPlatformitanium
Microsoft ≫ Windows 2003 Server Updatesp2 HwPlatformx64
Microsoft ≫ Windows Server Version2008 HwPlatformitanium
Microsoft ≫ Windows Server Version2008 Editionsp2 HwPlatformitanium
Microsoft ≫ Windows Server 2008 HwPlatformx64
Microsoft ≫ Windows Server 2008 HwPlatformx86
Microsoft ≫ Windows Server 2008 Updatesp2 HwPlatformx64
Microsoft ≫ Windows Server 2008 Updatesp2 HwPlatformx86
Microsoft ≫ Windows Vista HwPlatformx64
Microsoft ≫ Windows Vista Updatesp1
Microsoft ≫ Windows Vista Updatesp2
Microsoft ≫ Windows Vista Version-
Microsoft ≫ Windows Xp Updatesp2
Microsoft ≫ Windows Xp Updatesp2 HwPlatformx64
Microsoft ≫ Windows Xp Updatesp3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 58.35% | 0.981 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|