Vulnerability Name:

CVE-2007-3463

Assigned:2007-06-27
Published:2007-06-27
Updated:2018-10-16
Summary:** DISPUTED ** Microsoft Windows XP SP2 allows local users, who have sessions created by another user's RunAs (run as) command, to kill arbitrary processes of this other user, as demonstrated by the taskkill program.
Note: the researcher claims a vendor dispute in which the vendor states that "RunAs and UAC are convenience features, not security boundaries. If you need a security guarantee, please log out and log back in with a different account."
CVSS v3 Severity:5.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-Other
References:Source: MITRE
Type: CNA
CVE-2007-3463

Source: OSVDB
Type: UNKNOWN
39014

Source: BUGTRAQ
Type: UNKNOWN
20070623 "run as" local denial-of-service enables administrative account processes to be killed

Source: BUGTRAQ
Type: UNKNOWN
20070626 RE: "run as" local denial-of-service enables administrative account processes to be killed

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    microsoft windows xp * sp2