exploitDog

CVE-2008-5229

Опубликовано: 25 нояб. 2008

Источник: nvd

CVSS2: 6.9

EPSS Низкий

Описание

Stack-based buffer overflow in Microsoft Device IO Control in iphlpapi.dll in Microsoft Windows Vista Gold and SP1 allows local users in the Network Configuration Operator group to gain privileges or cause a denial of service (system crash) via a large invalid PrefixLength to the CreateIpForwardEntry2 method, as demonstrated by a "route add" command. NOTE: this issue might not cross privilege boundaries.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:gold:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01015

Низкий

6.9 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-gvmg-2852-c2v2

github

больше 3 лет назад

Stack-based buffer overflow in Microsoft Device IO Control in iphlpapi.dll in Microsoft Windows Vista Gold and SP1 allows local users in the Network Configuration Operator group to gain privileges or cause a denial of service (system crash) via a large invalid PrefixLength to the CreateIpForwardEntry2 method, as demonstrated by a "route add" command. NOTE: this issue might not cross privilege boundaries.

EPSS

Процентиль: 77%

0.01015

Низкий

6.9 Medium

CVSS2

Дефекты

CWE-119