CERTA-2007-AVI-168

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été identifiées dans le processus Client/Server Runtime Subsystem ou CSRSS de Microsoft Windows. L'exploitation de celles-ci permettraient à une personne malveillante de perturber ou prendre le contrôle complet du système vulnérable.

Description

De multiples vulnérabilités ont été identifiées dans le processus Client/Server Runtime Subsystem ou CSRSS de Microsoft Windows. Ce dernier est un élément essentiel du système d'exploitation, qui permet entre autres de gérer les fenêtres et des éléments graphiques de Windows.

  • csrss.exe ne manipulerait pas correctement certains messages d'erreurs via ses fenêtres MsgBox. Une personne malveillante pourrait donc forcer l'affichage de tels messages particuliers (visite d'une page Web, ou lancement d'une application) afin de prendre le contrôle du système vulnérable ;
  • csrss.exe ne convertirait pas correctement certaines ressources système, ce qui pourrait également être exploité pour prendre le contrôle d'un système ;

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None
Impacted products
Vendor Product Description
Microsoft Windows Microsoft Windows XP Professional x64 Edition (Service Pack 2 compris).
Microsoft Windows Microsoft Windows Server 2003 x64 Edition (Service Pack 2 inclus) ;
Microsoft Windows Microsoft Windows XP Service Pack 2 ;
Microsoft Windows Microsoft Windows Server 2003 pour les systèmes Itanium (Service Pack 1 et Service Pack 2 inclus) ;
Microsoft Windows Windows Vista x64 Edition.
Microsoft Windows Microsoft Windows Server 2003 (Service Pack 1 et Service Pack 2 inclus) ;
Microsoft Windows Windows Vista ;
Microsoft Windows Microsoft Windows 2000 Service Pack 4 ;
References

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows XP Professional x64 Edition (Service Pack 2 compris).",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 x64 Edition (Service Pack 2 inclus) ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 pour les syst\u00e8mes Itanium (Service Pack 1 et Service Pack 2 inclus) ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista x64 Edition.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 (Service Pack 1 et Service Pack 2 inclus) ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le processus\nClient/Server Runtime Subsystem ou CSRSS de Microsoft Windows. Ce\ndernier est un \u00e9l\u00e9ment essentiel du syst\u00e8me d\u0027exploitation, qui permet\nentre autres de g\u00e9rer les fen\u00eatres et des \u00e9l\u00e9ments graphiques de\nWindows.\n\n-   csrss.exe ne manipulerait pas correctement certains messages\n    d\u0027erreurs via ses fen\u00eatres MsgBox. Une personne malveillante\n    pourrait donc forcer l\u0027affichage de tels messages particuliers\n    (visite d\u0027une page Web, ou lancement d\u0027une application) afin de\n    prendre le contr\u00f4le du syst\u00e8me vuln\u00e9rable ;\n-   csrss.exe ne convertirait pas correctement certaines ressources\n    syst\u00e8me, ce qui pourrait \u00e9galement \u00eatre exploit\u00e9 pour prendre le\n    contr\u00f4le d\u0027un syst\u00e8me ;\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-1209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1209"
    },
    {
      "name": "CVE-2006-6696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6696"
    },
    {
      "name": "CVE-2006-6797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6797"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 eEye AD20070410b du 10 avril 2007 :",
      "url": "http://www.eeye.com/html/research/advisories/published/AD20070410b.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS07-021 du 11 avril 2007 :",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS07-021.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS07-021 du 11 avril 2007 :",
      "url": "http://www.microsoft.com/france/technet/security/bulletin/MS07-021.mspx"
    }
  ],
  "reference": "CERTA-2007-AVI-168",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-04-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le processus \u003cspan\nclass=\"textit\"\u003eClient/Server Runtime Subsystem\u003c/span\u003e ou CSRSS de\nMicrosoft Windows. L\u0027exploitation de celles-ci permettraient \u00e0 une\npersonne malveillante de perturber ou prendre le contr\u00f4le complet du\nsyst\u00e8me vuln\u00e9rable.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s de CSRSS dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS07-021 du 10 avril 2007",
      "url": null
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.