exploitDog

CVE-2009-0320

Опубликовано: 28 янв. 2009

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

Microsoft Windows XP, Server 2003 and 2008, and Vista exposes I/O activity measurements of all processes, which allows local users to obtain sensitive information, as demonstrated by reading the I/O Other Bytes column in Task Manager (aka taskmgr.exe) to estimate the number of characters that a different user entered at a runas.exe password prompt, related to a "benchmarking attack."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00914

Низкий

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-444h-qfvw-6mmm

github

почти 4 года назад

Microsoft Windows XP, Server 2003 and 2008, and Vista exposes I/O activity measurements of all processes, which allows local users to obtain sensitive information, as demonstrated by reading the I/O Other Bytes column in Task Manager (aka taskmgr.exe) to estimate the number of characters that a different user entered at a runas.exe password prompt, related to a "benchmarking attack."

EPSS

Процентиль: 75%

0.00914

Низкий

4 Medium

CVSS2

Дефекты

CWE-200