Vulnerability CVE-2007-1209
Published: 2007-04-10   Modified: 2012-02-12

Description:
Use-after-free vulnerability in the Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a "dangling pointer" to a process data structure.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Windows Vista CSRSS Dangling Process Pointer Privilege Escalation
Derek Soeder
11.04.2007

Type:

CWE-399

 (Resource Management Errors)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Microsoft -> Windows vista 

 References:
http://research.eeye.com/html/advisories/published/AD20070410b.html
http://securityreason.com/securityalert/2531
http://www.kb.cert.org/vuls/id/219848
http://www.securityfocus.com/archive/1/465233/100/0/threaded
http://www.securityfocus.com/archive/1/466331/100/200/threaded
http://www.securityfocus.com/bid/23338
http://www.securitytracker.com/id?1017897
http://www.us-cert.gov/cas/techalerts/TA07-100A.html
http://www.vupen.com/english/advisories/2007/1325
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-021
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1524
Copyright 2024, cxsecurity.com

 

Back to Top