CVE-2008-2252

Опубликовано: 15 окт. 2008

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate parameters sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability."

Ссылки

http://marc.info/?l=bugtraq&m=122479227205998&w=2
Mailing List
Third Party Advisory
http://secunia.com/advisories/32247
Patch
Vendor Advisory
http://www.securityfocus.com/bid/31652
Patch
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1021046
Third Party Advisory
VDB Entry
http://www.us-cert.gov/cas/techalerts/TA08-288A.html
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2008/2812
Broken Link
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-061
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/45543
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/45544
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6045
Third Party Advisory
http://marc.info/?l=bugtraq&m=122479227205998&w=2
Mailing List
Third Party Advisory
http://secunia.com/advisories/32247
Patch
Vendor Advisory
http://www.securityfocus.com/bid/31652
Patch
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1021046
Third Party Advisory
VDB Entry
http://www.us-cert.gov/cas/techalerts/TA08-288A.html
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2008/2812
Broken Link
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-061
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/45543
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/45544
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6045
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:itanium:*

cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:-:*:itanium:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01054

Низкий

7.2 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-6r9m-v2c8-3rpw

github

почти 4 года назад