Vulnerability CVE-2009-2653


Published: 2009-08-03   Modified: 2012-02-13

Description:
** DISPUTED ** The NtUserConsoleControl function in win32k.sys in Microsoft Windows XP SP2 and SP3, and Server 2003 before SP1, allows local administrators to bypass unspecified "security software" and gain privileges via a crafted call that triggers an overwrite of an arbitrary memory location. NOTE: the vendor disputes the significance of this report, stating that 'the Administrator to SYSTEM "escalation" is not a security boundary we defend.'

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Microsoft Windows XP (win32k.sys) Local Privilege Escalation Exploit
NT Internals
05.08.2009

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Microsoft -> Windows server 2003 
Microsoft -> Windows xp 

 References:
http://blogs.technet.com/srd/archive/2009/06/11/latest-baidu-public-posting-requires-adminisrator-to-elevate.aspx
http://hi.baidu.com/azy0922/blog/item/f950cbc2890729130ef47783.html
http://securitytracker.com/id?1022630
http://www.exploit-db.com/exploits/9301
http://www.ntinternals.org/index.html#09_07_30

Copyright 2024, cxsecurity.com

 

Back to Top