6.8

CVE-2009-3675

EPSS 38.94%
Published 09.12.2009 18:30:00
Last modified 09.04.2025 00:30:58
Source secure@microsoft.com
Teams watchlist Login
Open Login

LSASS.exe in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote authenticated users to cause a denial of service (CPU consumption) via a malformed ISAKMP request over IPsec, aka "Local Security Authority Subsystem Service Resource Exhaustion Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Versionsp4

Microsoft ≫ Windows 2003 Server Updatesp2

Microsoft ≫ Windows 2003 Server Version- Updatesp2 Editionitanium

Microsoft ≫ Windows 2003 Server Version- Updatesp2 Editionx64

Microsoft ≫ Windows Xp Updatesp2 Editionx64

Microsoft ≫ Windows Xp Updatesp3

Microsoft ≫ Windows Xp Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	38.94%	0.972

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8	6.9	AV:N/AC:L/Au:S/C:N/I:N/A:C

http://www.us-cert.gov/cas/techalerts/TA09-342A.html

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-069

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6639

https://nvd.nist.gov/vuln/detail/CVE-2009-3675

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-3675

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-3675

EUVD