cvelistv5 - cve-2009-0080

CVE-2009-0080 (GCVE-0-2009-0080)

Vulnerability from cvelistv5 – Published: 2009-04-15 03:49 – Updated: 2024-08-07 04:24

Summary

The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka "Windows Thread Pool ACL Weakness Vulnerability."

Severity ?

No CVSS data available.

CWE

Assigner

microsoft

References

URL

Tags

	http://www.securitytracker.com/id?1022044	vdb-entryx_refsource_SECTRACK
	http://www.us-cert.gov/cas/techalerts/TA09-104A.html	third-party-advisoryx_refsource_CERT
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://www.vupen.com/english/advisories/2009/1026	vdb-entryx_refsource_VUPEN
	http://osvdb.org/53668	vdb-entryx_refsource_OSVDB
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:17.096Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1022044",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022044"
          },
          {
            "name": "TA09-104A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
          },
          {
            "name": "MS09-012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012"
          },
          {
            "name": "ADV-2009-1026",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1026"
          },
          {
            "name": "53668",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53668"
          },
          {
            "name": "oval:org.mitre.oval:def:6177",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka \"Windows Thread Pool ACL Weakness Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "1022044",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022044"
        },
        {
          "name": "TA09-104A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
        },
        {
          "name": "MS09-012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012"
        },
        {
          "name": "ADV-2009-1026",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1026"
        },
        {
          "name": "53668",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53668"
        },
        {
          "name": "oval:org.mitre.oval:def:6177",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-0080",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka \"Windows Thread Pool ACL Weakness Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1022044",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022044"
            },
            {
              "name": "TA09-104A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
            },
            {
              "name": "MS09-012",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012"
            },
            {
              "name": "ADV-2009-1026",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1026"
            },
            {
              "name": "53668",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53668"
            },
            {
              "name": "oval:org.mitre.oval:def:6177",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-0080",
    "datePublished": "2009-04-15T03:49:00",
    "dateReserved": "2009-01-08T00:00:00",
    "dateUpdated": "2024-08-07T04:24:17.096Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32623D48-7000-4C7D-823F-7D2A9841D88C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CAEEA81-5037-4B68-98D9-83AAEBC98E20\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:x64:*\", \"matchCriteriaId\": \"51160A46-6768-44D5-89CD-6DB9D2268A2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A04E39A-623E-45CA-A5FC-25DAA0F275A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:x64:*\", \"matchCriteriaId\": \"7211B5C5-6B6E-4A33-88BC-1D64CD684204\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka \\\"Windows Thread Pool ACL Weakness Vulnerability.\\\"\"}, {\"lang\": \"es\", \"value\": \"La clase ThreadPool en Windows Vista Gold y SP1, y Server 2008, no implementa adecuadamente el aislamiento entre un conjunto de procesos distintos que (1) se ejecutan bajo la cuenta NetworkService o (2) se ejecutan bajo la cuenta LocalService, lo cual permite a usuarios locales conseguir privilegios aprovechando hilos incorrectos ACLs para acceder a los recursos de uno de los procesos, tambi\\u00e9n conocido como \\\"Vulnerabilidad Windows Thread Pool ACL Weakness\\\".\"}]",
      "id": "CVE-2009-0080",
      "lastModified": "2024-11-21T00:59:00.680",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 6.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2009-04-15T08:00:00.407",
      "references": "[{\"url\": \"http://osvdb.org/53668\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securitytracker.com/id?1022044\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-104A.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1026\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://osvdb.org/53668\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securitytracker.com/id?1022044\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-104A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1026\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-269\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-0080\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2009-04-15T08:00:00.407\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka \\\"Windows Thread Pool ACL Weakness Vulnerability.\\\"\"},{\"lang\":\"es\",\"value\":\"La clase ThreadPool en Windows Vista Gold y SP1, y Server 2008, no implementa adecuadamente el aislamiento entre un conjunto de procesos distintos que (1) se ejecutan bajo la cuenta NetworkService o (2) se ejecutan bajo la cuenta LocalService, lo cual permite a usuarios locales conseguir privilegios aprovechando hilos incorrectos ACLs para acceder a los recursos de uno de los procesos, tambi\u00e9n conocido como \\\"Vulnerabilidad Windows Thread Pool ACL Weakness\\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32623D48-7000-4C7D-823F-7D2A9841D88C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CAEEA81-5037-4B68-98D9-83AAEBC98E20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"51160A46-6768-44D5-89CD-6DB9D2268A2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A04E39A-623E-45CA-A5FC-25DAA0F275A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:x64:*\",\"matchCriteriaId\":\"7211B5C5-6B6E-4A33-88BC-1D64CD684204\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/53668\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securitytracker.com/id?1022044\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-104A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1026\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://osvdb.org/53668\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securitytracker.com/id?1022044\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-104A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1026\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

CERTA-2009-AVI-142

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités ont été identifiées dans le système d'exploitation Microsoft Windows. Leur exploitation peut conduire à une élévation de privilèges.

Description

Plusieurs vulnérabilités ont été identifiées dans le système d'exploitation Microsoft Windows. Elles concernent :

le service de transaction MSDTC (Microsoft Distributed Transaction Coordinator) qui permet d'obtenir certains jetons (NetworkService) lors d'appels RPC ;
le service de gestion WMI (Windows Management Instrumentation) qui permet de récupérer sous certaines conditions les privilèges au niveau LocalSYSTEM ;
le service serveur RPC (RPCSS) qui permet de récupérer sous certaines conditions les droits LocalSYSTEM ;
la classe ThreadPool de Windows qui permet également d'exécuter, selon le positionnement des listes de contrôles d'accès des threads, du code avec des droits élevés LocalSYSTEM.

Certaines de ces vulnérabilités ont fait l'objet de l'alerte CERTA-2008-ALE-012 publiée le 10 octobre 2008.

Solution

Se référer au bulletin de sécurité MS09-012 de Microsoft pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Microsoft Windows Server 2003 Service Pack 1 et 2, y compris pour les systèmes x64 et Itanium ;
Microsoft	Windows	Microsoft Windows Vista, Service Pack 1 inclus, y compris pour les versions x64 ;
Microsoft	Windows	Microsoft Windows Server 2008 pour systèmes 32 bits, x64 et Itanium.
Microsoft	Windows	Microsoft Windows XP Service Pack 2 et 3 ;
Microsoft	Windows	Microsoft Windows XP Professional Edition pour systèmes x64, Service Pack 2 compris ;
Microsoft	Windows	Microsoft Windows 2000 Service Pack 4 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS09-012 du 14 avril 2009	None	vendor-advisory
Alerte du CERTA CERTA-2008-ALE-012 du 10 octobre 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows Server 2003 Service Pack 1 et 2, y compris pour les syst\u00e8mes x64 et Itanium ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Vista, Service Pack 1 inclus, y compris pour les versions x64 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2008 pour syst\u00e8mes 32 bits, x64 et Itanium.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Service Pack 2 et 3 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Professional Edition pour syst\u00e8mes x64, Service Pack 2 compris ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Microsoft Windows. Elles concernent\u00a0:\n\n-   le service de transaction MSDTC (Microsoft Distributed Transaction\n    Coordinator) qui permet d\u0027obtenir certains jetons (NetworkService)\n    lors d\u0027appels RPC\u00a0;\n-   le service de gestion WMI (Windows Management Instrumentation) qui\n    permet de r\u00e9cup\u00e9rer sous certaines conditions les privil\u00e8ges au\n    niveau LocalSYSTEM\u00a0;\n-   le service serveur RPC (RPCSS) qui permet de r\u00e9cup\u00e9rer sous\n    certaines conditions les droits LocalSYSTEM\u00a0;\n-   la classe ThreadPool de Windows qui permet \u00e9galement d\u0027ex\u00e9cuter,\n    selon le positionnement des listes de contr\u00f4les d\u0027acc\u00e8s des threads,\n    du code avec des droits \u00e9lev\u00e9s LocalSYSTEM.\n\nCertaines de ces vuln\u00e9rabilit\u00e9s ont fait l\u0027objet de l\u0027alerte\nCERTA-2008-ALE-012 publi\u00e9e le 10 octobre 2008.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS09-012 de Microsoft pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-0080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0080"
    },
    {
      "name": "CVE-2008-1436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1436"
    },
    {
      "name": "CVE-2009-0079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0079"
    },
    {
      "name": "CVE-2009-0078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0078"
    }
  ],
  "links": [
    {
      "title": "Alerte du CERTA CERTA-2008-ALE-012 du 10 octobre    2008\u00a0:",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2008-ALE-012/"
    }
  ],
  "reference": "CERTA-2009-AVI-142",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Microsoft Windows. Leur exploitation peut conduire \u00e0 une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-012 du 14 avril 2009",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-012.mspx"
    }
  ]
}

CERTA-2009-AVI-142

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités ont été identifiées dans le système d'exploitation Microsoft Windows. Leur exploitation peut conduire à une élévation de privilèges.

Description

Plusieurs vulnérabilités ont été identifiées dans le système d'exploitation Microsoft Windows. Elles concernent :

le service de transaction MSDTC (Microsoft Distributed Transaction Coordinator) qui permet d'obtenir certains jetons (NetworkService) lors d'appels RPC ;
le service de gestion WMI (Windows Management Instrumentation) qui permet de récupérer sous certaines conditions les privilèges au niveau LocalSYSTEM ;
le service serveur RPC (RPCSS) qui permet de récupérer sous certaines conditions les droits LocalSYSTEM ;
la classe ThreadPool de Windows qui permet également d'exécuter, selon le positionnement des listes de contrôles d'accès des threads, du code avec des droits élevés LocalSYSTEM.

Certaines de ces vulnérabilités ont fait l'objet de l'alerte CERTA-2008-ALE-012 publiée le 10 octobre 2008.

Solution

Se référer au bulletin de sécurité MS09-012 de Microsoft pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Microsoft Windows Server 2003 Service Pack 1 et 2, y compris pour les systèmes x64 et Itanium ;
Microsoft	Windows	Microsoft Windows Vista, Service Pack 1 inclus, y compris pour les versions x64 ;
Microsoft	Windows	Microsoft Windows Server 2008 pour systèmes 32 bits, x64 et Itanium.
Microsoft	Windows	Microsoft Windows XP Service Pack 2 et 3 ;
Microsoft	Windows	Microsoft Windows XP Professional Edition pour systèmes x64, Service Pack 2 compris ;
Microsoft	Windows	Microsoft Windows 2000 Service Pack 4 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS09-012 du 14 avril 2009	None	vendor-advisory
Alerte du CERTA CERTA-2008-ALE-012 du 10 octobre 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows Server 2003 Service Pack 1 et 2, y compris pour les syst\u00e8mes x64 et Itanium ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Vista, Service Pack 1 inclus, y compris pour les versions x64 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2008 pour syst\u00e8mes 32 bits, x64 et Itanium.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Service Pack 2 et 3 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Professional Edition pour syst\u00e8mes x64, Service Pack 2 compris ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Microsoft Windows. Elles concernent\u00a0:\n\n-   le service de transaction MSDTC (Microsoft Distributed Transaction\n    Coordinator) qui permet d\u0027obtenir certains jetons (NetworkService)\n    lors d\u0027appels RPC\u00a0;\n-   le service de gestion WMI (Windows Management Instrumentation) qui\n    permet de r\u00e9cup\u00e9rer sous certaines conditions les privil\u00e8ges au\n    niveau LocalSYSTEM\u00a0;\n-   le service serveur RPC (RPCSS) qui permet de r\u00e9cup\u00e9rer sous\n    certaines conditions les droits LocalSYSTEM\u00a0;\n-   la classe ThreadPool de Windows qui permet \u00e9galement d\u0027ex\u00e9cuter,\n    selon le positionnement des listes de contr\u00f4les d\u0027acc\u00e8s des threads,\n    du code avec des droits \u00e9lev\u00e9s LocalSYSTEM.\n\nCertaines de ces vuln\u00e9rabilit\u00e9s ont fait l\u0027objet de l\u0027alerte\nCERTA-2008-ALE-012 publi\u00e9e le 10 octobre 2008.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS09-012 de Microsoft pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-0080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0080"
    },
    {
      "name": "CVE-2008-1436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1436"
    },
    {
      "name": "CVE-2009-0079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0079"
    },
    {
      "name": "CVE-2009-0078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0078"
    }
  ],
  "links": [
    {
      "title": "Alerte du CERTA CERTA-2008-ALE-012 du 10 octobre    2008\u00a0:",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2008-ALE-012/"
    }
  ],
  "reference": "CERTA-2009-AVI-142",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Microsoft Windows. Leur exploitation peut conduire \u00e0 une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-012 du 14 avril 2009",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-012.mspx"
    }
  ]
}

GHSA-X82P-3W9H-8XQ7

Vulnerability from github – Published: 2022-05-02 03:12 – Updated: 2022-05-02 03:12

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-0080"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-04-15T08:00:00Z",
    "severity": "MODERATE"
  },
  "details": "The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka \"Windows Thread Pool ACL Weakness Vulnerability.\"",
  "id": "GHSA-x82p-3w9h-8xq7",
  "modified": "2022-05-02T03:12:42Z",
  "published": "2022-05-02T03:12:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0080"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/53668"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1022044"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1026"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2009-0080

Vulnerability from fkie_nvd - Published: 2009-04-15 08:00 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secure@microsoft.com	http://osvdb.org/53668	Broken Link
secure@microsoft.com	http://www.securitytracker.com/id?1022044	Third Party Advisory, VDB Entry
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA09-104A.html	Third Party Advisory, US Government Resource
secure@microsoft.com	http://www.vupen.com/english/advisories/2009/1026	Permissions Required
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012	Patch, Vendor Advisory
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/53668	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022044	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA09-104A.html	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1026	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177	Third Party Advisory

Impacted products

Vendor	Product	Version
microsoft	windows_server_2008	-
microsoft	windows_vista	-
microsoft	windows_vista	-
microsoft	windows_vista	-
microsoft	windows_vista	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "51160A46-6768-44D5-89CD-6DB9D2268A2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:x64:*",
              "matchCriteriaId": "7211B5C5-6B6E-4A33-88BC-1D64CD684204",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka \"Windows Thread Pool ACL Weakness Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "La clase ThreadPool en Windows Vista Gold y SP1, y Server 2008, no implementa adecuadamente el aislamiento entre un conjunto de procesos distintos que (1) se ejecutan bajo la cuenta NetworkService o (2) se ejecutan bajo la cuenta LocalService, lo cual permite a usuarios locales conseguir privilegios aprovechando hilos incorrectos ACLs para acceder a los recursos de uno de los procesos, tambi\u00e9n conocido como \"Vulnerabilidad Windows Thread Pool ACL Weakness\"."
    }
  ],
  "id": "CVE-2009-0080",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-15T08:00:00.407",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/53668"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1022044"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1026"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/53668"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1022044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2009-0080

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-0080

Aliases

CVE-2009-0080

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-0080",
    "description": "The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka \"Windows Thread Pool ACL Weakness Vulnerability.\"",
    "id": "GSD-2009-0080"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-0080"
      ],
      "details": "The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka \"Windows Thread Pool ACL Weakness Vulnerability.\"",
      "id": "GSD-2009-0080",
      "modified": "2023-12-13T01:19:43.854540Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2009-0080",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka \"Windows Thread Pool ACL Weakness Vulnerability.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1022044",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1022044"
          },
          {
            "name": "TA09-104A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
          },
          {
            "name": "MS09-012",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012"
          },
          {
            "name": "ADV-2009-1026",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/1026"
          },
          {
            "name": "53668",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/53668"
          },
          {
            "name": "oval:org.mitre.oval:def:6177",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:x64:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:x64:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-0080"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka \"Windows Thread Pool ACL Weakness Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-269"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "53668",
              "refsource": "OSVDB",
              "tags": [
                "Broken Link"
              ],
              "url": "http://osvdb.org/53668"
            },
            {
              "name": "TA09-104A",
              "refsource": "CERT",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
            },
            {
              "name": "ADV-2009-1026",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1026"
            },
            {
              "name": "1022044",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id?1022044"
            },
            {
              "name": "oval:org.mitre.oval:def:6177",
              "refsource": "OVAL",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177"
            },
            {
              "name": "MS09-012",
              "refsource": "MS",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2021-11-08T21:45Z",
      "publishedDate": "2009-04-15T08:00Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-0080 (GCVE-0-2009-0080)

CERTA-2009-AVI-142

Description

Solution

CERTA-2009-AVI-142

Description

Solution

GHSA-X82P-3W9H-8XQ7

FKIE_CVE-2009-0080

GSD-2009-0080

Tags

Sightings

Nomenclature