Vulnerability Name:

CVE-2008-0322 (CCN-42358)

Assigned:2008-05-12
Published:2008-05-12
Updated:2017-08-08
Summary:The I2O Utility Filter driver (i2omgmt.sys) 5.1.2600.2180 for Microsoft Windows XP sets Everyone/Write permissions for the "\\.\I2OExc" device interface, which allows local users to gain privileges.
Note: this issue can be leveraged to overwrite arbitrary memory and execute code via an IOCTL call with a crafted DeviceObject pointer.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
4.4 Medium (CCN CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-264
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2008-0322

Source: IDEFENSE
Type: Patch
20080512 Microsoft Windows I2O Filter Utility Driver (i2omgmt.sys) Local Privilege Escalation Vulnerability

Source: CCN
Type: SA30203
Microsoft Windows XP I2O Utility Filter Driver Privilege Escalation

Source: SECUNIA
Type: Patch, Vendor Advisory
30203

Source: CCN
Type: SECTRACK ID: 1020006
Microsoft Windows XP 'i2omgmt.sys' Input Validation Flaw Lets Local Users Gain Elevated Privileges

Source: CCN
Type: Microsoft KB936929
Release notes for Windows XP Service Pack 3

Source: CCN
Type: OSVDB ID: 45048
Microsoft Windows XP I2O Utility Filter Driver (i2omgmt.sys) Local Privilege Escalation

Source: BID
Type: Patch
29171

Source: CCN
Type: BID-29171
Microsoft Windows Intelligent Input/Output (I2O) Multiple Local Privilege Escalation Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1020006

Source: VUPEN
Type: UNKNOWN
ADV-2008-1476

Source: XF
Type: UNKNOWN
win-i2omgmt-code-execution(42358)

Source: XF
Type: UNKNOWN
win-i2omgmt-code-execution(42358)

Source: CCN
Type: iDefense Labs PUBLIC ADVISORY: 05.12.08
Microsoft Windows I2O Filter Utility Driver (i2omgmt.sys) Local Privilege Escalation Vulnerability

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_xp:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:microsoft:windows:xp:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    microsoft windows xp *
    microsoft windows xp