| Vulnerability Name: | CVE-2009-1808 (CCN-50903) | ||||||||
| Assigned: | 2009-02-02 | ||||||||
| Published: | 2009-02-02 | ||||||||
| Updated: | 2017-08-17 | ||||||||
| Summary: | Microsoft Windows XP SP3 allows local users to cause a denial of service (system crash) by making an SPI_SETDESKWALLPAPER SystemParametersInfo call with an improperly terminated pvParam argument, followed by an SPI_GETDESKWALLPAPER SystemParametersInfo call. | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
| CVSS v2 Severity: | 4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C) 3.7 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MITRE Type: CNA CVE-2009-1808 Source: CCN Type: SA35323 Microsoft Windows "SystemParametersInfo()" Privilege Escalation Source: SECUNIA Type: UNKNOWN 35323 Source: CCN Type: SECTRACK ID: 1022330 Microsoft Windows Bug in SETDESKWALLPAPER and GETDESKWALLPAPER Calls Let Local Users Deny Service Source: CCN Type: Microsoft Web site Microsoft Windows Source: CCN Type: OSVDB ID: 54931 Microsoft Windows SystemParametersInfo() Function SPI_*DESKWALLPAPER Call Local DoS Source: CCN Type: Insanely Low-Level Oh No, My XPSP3 Source: MISC Type: Exploit http://www.ragestorm.net/blogs/?p=78 Source: BID Type: Exploit 35120 Source: CCN Type: BID-35120 Microsoft Windows Desktop Wall Paper System Parameter Local Privilege Escalation Vulnerability Source: SECTRACK Type: UNKNOWN 1022330 Source: XF Type: UNKNOWN win-spisetdeskwallpaper-dos(50903) Source: XF Type: UNKNOWN win-spisetdeskwallpaper-dos(50903) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||