Vulnerability Name:

CVE-2009-0230 (CCN-50765)

Assigned:2009-06-09
Published:2009-06-09
Updated:2018-10-12
Summary:The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka "Print Spooler Load Library Vulnerability."
CVSS v3 Severity:9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.0 High (CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
6.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
6.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-264
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2009-0230

Source: OSVDB
Type: Broken Link
54934

Source: CCN
Type: SA35365
Microsoft Windows Print Spooler Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
35365

Source: CCN
Type: SECTRACK ID: 1022352
Windows Print Spooler Lets Remote Users Execute Arbitrary Code and Local Users Read Arbitrary Files

Source: CONFIRM
Type: Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2009-217.htm

Source: CCN
Type: ASA-2009-217
MS09-022 Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)

Source: CCN
Type: NORTEL BULLETIN ID: 2009009558, Rev 1
Nortel Response to Microsoft Security Bulletin MS09-022

Source: CCN
Type: Microsoft Security Bulletin MS12-054
Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution (2733594)

Source: CCN
Type: Microsoft Security Bulletin MS16-087
Security Update for the Microsoft Print Spooler (3170005)

Source: CCN
Type: Microsoft Security Bulletin MS09-022
Vulnerabilities in the Windows Print Spooler Could Allow Remote Code Execution (961501)

Source: CCN
Type: OSVDB ID: 54934
Microsoft Windows Print Spooler Load Library Crafted RPC Message Arbitrary DLL Loading Privilege Escalation

Source: BID
Type: Third Party Advisory, VDB Entry
35209

Source: CCN
Type: BID-35209
Microsoft Windows Print Spooler Remote Code Execution Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1022352

Source: CERT
Type: Third Party Advisory, US Government Resource
TA09-160A

Source: VUPEN
Type: Third Party Advisory
ADV-2009-1541

Source: MS
Type: UNKNOWN
MS09-022

Source: XF
Type: UNKNOWN
win-printspooler-priv-escalation(50765)

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:6287

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:*:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp1:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:6287
    V
    Print Spooler Load Library Vulnerability
    2014-03-03
    BACK
    microsoft windows 2000 * sp4
    microsoft windows 2003 server * sp2
    microsoft windows 2003 server * sp2
    microsoft windows 2003 server * sp2
    microsoft windows server 2008
    microsoft windows server 2008
    microsoft windows server 2008 *
    microsoft windows server 2008 *
    microsoft windows server 2008 * sp2
    microsoft windows server 2008 - sp2
    microsoft windows vista *
    microsoft windows vista *
    microsoft windows vista * sp1
    microsoft windows vista * sp2
    microsoft windows xp * sp2
    microsoft windows xp * sp2
    microsoft windows xp * sp3
    microsoft windows 2000 - sp4
    microsoft windows xp sp2
    microsoft windows vista *
    microsoft windows server_2003 sp2
    microsoft windows server_2003 sp2
    microsoft windows server_2003 sp2
    microsoft windows vista -
    microsoft windows xp sp2
    microsoft windows vista - sp1
    microsoft windows vista - sp1
    microsoft windows server 2008 -
    microsoft windows server 2008 -
    microsoft windows server 2008 -
    microsoft windows xp sp3
    microsoft windows vista - sp2
    microsoft windows vista - sp2
    microsoft windows server 2008 sp2
    microsoft windows server 2008 sp2
    microsoft windows server 2008