7.8

CVE-2009-1139

EPSS 61.23%
Veröffentlicht 10.06.2009 18:00:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Memory leak in the LDAP service in Active Directory on Microsoft Windows 2000 SP4 and Server 2003 SP2, and Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2, allows remote attackers to cause a denial of service (memory consumption and service outage) via (1) LDAP or (2) LDAPS requests with unspecified OID filters, aka "Active Directory Memory Leak Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Adam

   Microsoft ≫ Windows Xp Editionprofessional_x64
   Microsoft ≫ Windows Xp Updatesp2 Editionprofessional
   Microsoft ≫ Windows Xp Updatesp2 Editionprofessional_x64
   Microsoft ≫ Windows Xp Version- Updatesp3 Editionprofessional

Microsoft ≫ Windows Server 2003

   Microsoft ≫ Windows Xp Editionprofessional_x64
   Microsoft ≫ Windows Xp Updatesp2 Editionprofessional
   Microsoft ≫ Windows Xp Updatesp2 Editionprofessional_x64
   Microsoft ≫ Windows Xp Version- Updatesp3 Editionprofessional

Microsoft ≫ Windows Server 2003 Updatesp1

   Microsoft ≫ Windows Xp Editionprofessional_x64
   Microsoft ≫ Windows Xp Updatesp2 Editionprofessional
   Microsoft ≫ Windows Xp Updatesp2 Editionprofessional_x64
   Microsoft ≫ Windows Xp Version- Updatesp3 Editionprofessional

Microsoft ≫ Windows Server 2003 Updatesp2

   Microsoft ≫ Windows Xp Editionprofessional_x64
   Microsoft ≫ Windows Xp Updatesp2 Editionprofessional
   Microsoft ≫ Windows Xp Updatesp2 Editionprofessional_x64
   Microsoft ≫ Windows Xp Version- Updatesp3 Editionprofessional

Microsoft ≫ Windows 2000 Updatesp4

Microsoft ≫ Windows Server 2003 Updatesp1 Editionitanium

Microsoft ≫ Windows Server 2003 Updatesp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	61.23%	0.983

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

http://www.us-cert.gov/cas/techalerts/TA09-160A.html

US Government Resource

http://secunia.com/advisories/35355

http://support.avaya.com/elmodocs2/security/ASA-2009-214.htm

http://www.securitytracker.com/id?1022349

http://www.vupen.com/english/advisories/2009/1537

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-018

http://osvdb.org/54938

http://www.securityfocus.com/bid/35225

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6253

https://nvd.nist.gov/vuln/detail/CVE-2009-1139

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-1139

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-1139

EUVD