| Vulnerability Name: | CVE-2005-2827 (CCN-23447) | ||||||||
| Assigned: | 2005-12-13 | ||||||||
| Published: | 2005-12-13 | ||||||||
| Updated: | 2019-04-30 | ||||||||
| Summary: | The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows Kernel Vulnerability." | ||||||||
| CVSS v3 Severity: | 8.2 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2005-2827 Source: CCN Type: SA15821 Microsoft Windows Kernel APC Queue List Handling Privilege Escalation Source: SECUNIA Type: Patch, Vendor Advisory 15821 Source: CCN Type: SA18064 Avaya Products Microsoft Windows Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 18064 Source: CCN Type: SA18311 Nortel Centrex IP Client Manager Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 18311 Source: SREASON Type: UNKNOWN 252 Source: CCN Type: SECTRACK ID: 1015347 Microsoft Windows 2000 Kernel APC Queue Bug Lets Local Users Gain Elevated Privileges Source: SECTRACK Type: UNKNOWN 1015347 Source: CONFIRM Type: UNKNOWN http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf Source: CCN Type: eEye Digital Security Advisory AD20051213 Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability Source: EEYE Type: UNKNOWN EEYEB-20051213 Source: CCN Type: Microsoft Security Bulletin MS05-055 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (908523) Source: CCN Type: Microsoft Security Bulletin MS06-049 Vulnerability in Windows Kernel Could Result in Elevation of Privilege (920958) Source: CCN Type: Microsoft Security Bulletin MS07-017 Vulnerabilities in GDI Could Allow Remote Code Execution (925902) Source: OSVDB Type: UNKNOWN 18823 Source: CCN Type: OSVDB ID: 18823 Microsoft Windows Kernel APC Queue Manipulation Local Privilege Escalation Source: BUGTRAQ Type: UNKNOWN 20051213 [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability Source: BID Type: Patch 15826 Source: CCN Type: BID-15826 Microsoft Windows Asynchronous Procedure Call Local Privilege Escalation Vulnerability Source: VUPEN Type: UNKNOWN ADV-2005-2868 Source: VUPEN Type: UNKNOWN ADV-2005-2909 Source: MISC Type: UNKNOWN http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420 Source: MS Type: UNKNOWN MS05-055 Source: XF Type: UNKNOWN win-apc-gain-privileges(23447) Source: XF Type: UNKNOWN win-apc-gain-privileges(23447) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1583 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||