Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-0079

Опубликовано: 15 апр. 2009
Источник: nvd
CVSS2: 6.9
EPSS Низкий

Описание

The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows RPCSS Service Isolation Vulnerability."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:pro_x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

EPSS

Процентиль: 70%
0.00646
Низкий

6.9 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

github логотип

GHSA-xgcq-fj5h-634c

github
почти 4 года назад

The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows RPCSS Service Isolation Vulnerability."

EPSS

Процентиль: 70%
0.00646
Низкий

6.9 Medium

CVSS2

Дефекты

CWE-264