CVE-2009-1126
- EPSS 1.44%
- Veröffentlicht 10.06.2009 18:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:33
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly validate the user-mode input associated with the editing of an unspecified desktop parameter, which allows local users to gain privileges via a crafted ap...
CVE-2009-0229
- EPSS 3.93%
- Veröffentlicht 10.06.2009 18:00:00
- Zuletzt bearbeitet 16.06.2026 23:04:32
The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka "Print Spooler Read File Vulnerabi...
- EPSS 34.88%
- Veröffentlicht 10.06.2009 18:00:00
- Zuletzt bearbeitet 16.06.2026 23:04:32
The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file...
- EPSS 32.39%
- Veröffentlicht 10.06.2009 18:00:00
- Zuletzt bearbeitet 16.06.2026 23:05:19
The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly maintain its internal state, which allows remote attackers to overwrite arbitrary mem...
CVE-2009-0078
- EPSS 2.74%
- Veröffentlicht 15.04.2009 08:00:00
- Zuletzt bearbeitet 16.06.2026 23:04:13
The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly implement isolation among a set of distinct processes that (1) all run under the...
CVE-2009-0080
- EPSS 2.36%
- Veröffentlicht 15.04.2009 08:00:00
- Zuletzt bearbeitet 16.06.2026 23:04:13
The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows...
- EPSS 14.15%
- Veröffentlicht 15.04.2009 08:00:00
- Zuletzt bearbeitet 16.06.2026 23:04:14
Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote HTTP servers to execute arbitrary code via crafted parameter values in ...
CVE-2009-0089
- EPSS 5.07%
- Veröffentlicht 15.04.2009 08:00:00
- Zuletzt bearbeitet 16.06.2026 23:04:14
Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Vista Gold allows remote web servers to impersonate arbitrary https web sites by using DNS spoofing to "forward a connection" to a differe...
CVE-2009-0550
- EPSS 11.75%
- Veröffentlicht 15.04.2009 08:00:00
- Zuletzt bearbeitet 16.06.2026 23:05:16
Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on...
- EPSS 24.49%
- Veröffentlicht 01.04.2009 18:00:00
- Zuletzt bearbeitet 16.06.2026 23:06:47
Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pc...