6.8

CVE-2009-3675

EPSS 38.94%
Veröffentlicht 09.12.2009 18:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secure@microsoft.com
CVE-Watchlists
Login
Unerledigt
Login

LSASS.exe in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote authenticated users to cause a denial of service (CPU consumption) via a malformed ISAKMP request over IPsec, aka "Local Security Authority Subsystem Service Resource Exhaustion Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Versionsp4

Microsoft ≫ Windows 2003 Server Updatesp2

Microsoft ≫ Windows 2003 Server Version- Updatesp2 Editionitanium

Microsoft ≫ Windows 2003 Server Version- Updatesp2 Editionx64

Microsoft ≫ Windows Xp Updatesp2 Editionx64

Microsoft ≫ Windows Xp Updatesp3

Microsoft ≫ Windows Xp Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	38.94%	0.971

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8	6.9	AV:N/AC:L/Au:S/C:N/I:N/A:C

http://www.us-cert.gov/cas/techalerts/TA09-342A.html

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-069

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6639

https://nvd.nist.gov/vuln/detail/CVE-2009-3675

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-3675

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-3675

EUVD