9

CVE-2009-1542

EPSS 18.62%
Published 15.07.2009 15:30:01
Last modified 09.04.2025 00:30:58
Source secure@microsoft.com
Teams watchlist Login
Open Login

The Virtual Machine Monitor (VMM) in Microsoft Virtual PC 2004 SP1, 2007, and 2007 SP1, and Microsoft Virtual Server 2005 R2 SP1, does not enforce CPU privilege-level requirements for all machine instructions, which allows guest OS users to execute arbitrary kernel-mode code and gain privileges within the guest OS via a crafted application, aka "Virtual PC and Virtual Server Privileged Instruction Decoding Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Virtual Pc Version2004 Updatesp1

Microsoft ≫ Virtual Pc Version2007

Microsoft ≫ Virtual Pc Version2007 Editionx64

Microsoft ≫ Virtual Pc Version2007 Updatesp1

Microsoft ≫ Virtual Server Version2005 Updater2_sp1

Microsoft ≫ Virtual Server Version2005 Updater2_sp1 Editionx64

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	18.62%	0.947

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

http://www.us-cert.gov/cas/techalerts/TA09-195A.html

US Government Resource

http://secunia.com/advisories/35808

http://www.securitytracker.com/id?1022544

http://www.vupen.com/english/advisories/2009/1890

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-033

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6166

https://nvd.nist.gov/vuln/detail/CVE-2009-1542

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-1542

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-1542

EUVD