Vulnerability Name: | CVE-2009-0080 (CCN-49584) | ||||||||
Assigned: | 2009-04-14 | ||||||||
Published: | 2009-04-14 | ||||||||
Updated: | 2021-11-08 | ||||||||
Summary: | The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka "Windows Thread Pool ACL Weakness Vulnerability." | ||||||||
CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C) 5.1 Medium (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.1 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-269 | ||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||
References: | Source: MITRE Type: CNA CVE-2009-0080 Source: OSVDB Type: Broken Link 53668 Source: CCN Type: SECTRACK ID: 1022044 Microsoft Windows Privilege Separation and Access Control Bugs Let Local Users Gain Elevated Privileges Source: CCN Type: ASA-2009-137 MS09-012 Vulnerabilities in Windows Could Allow Elevation of Privilege (959454) Source: CCN Type: Microsoft Security Bulletin MS09-012 Vulnerabilities in Windows Could Allow Elevation of Privilege (959454) Source: CCN Type: OSVDB ID: 53668 Microsoft Windows ThreadPool ACL Enforcement Weakness Local Privilege Escalation Source: CCN Type: BID-34444 Microsoft Windows Thread Pool ACL Local Privilege Escalation Vulnerability Source: SECTRACK Type: Third Party Advisory, VDB Entry 1022044 Source: CERT Type: Third Party Advisory, US Government Resource TA09-104A Source: VUPEN Type: Permissions Required ADV-2009-1026 Source: MS Type: Patch, Vendor Advisory MS09-012 Source: XF Type: UNKNOWN win-threadpool-acl-privilege-escalation(49584) Source: CCN Type: Churrasco GIT Repository Churrasco/Churrasco.cpp Source: CCN Type: Medium Web site [Windows Privelege Escalation via Token Kidnapping] Source: CCN Type: NotSoSecure Web site Windows 2003 Token Kidnapping Privilege Escalation Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:6177 Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [2008-10-08] | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
Oval Definitions | |||||||||
| |||||||||
BACK |