Vulnerability Name: CVE-2009-2513 (CCN-53973) Assigned: 2009-11-10 Published: 2009-11-10 Updated: 2018-10-12 Summary: The Graphics Device Interface (GDI) in win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Insufficient Data Validation Vulnerability." CVSS v3 Severity: 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H )Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C )5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C )5.3 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-20 Vulnerability Consequences: Gain Privileges References: Source: MITRE Type: CNACVE-2009-2513 Source: CCN Type: SA37309Microsoft Windows Win32k Kernel-Mode Driver Privilege Escalation Source: CCN Type: Microsoft Security Bulletin MS11-087Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417) Source: CCN Type: Microsoft Security Bulletin MS12-008Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465) Source: CCN Type: Microsoft Security Bulletin MS12-018Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2641653) Source: CCN Type: Microsoft Security Bulletin MS12-034Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578) Source: CCN Type: Microsoft Security Bulletin MS13-022Vulnerability in Silverlight Could Allow Remote Code Execution (2814124) Source: CCN Type: Microsoft Security Bulletin MS13-054Vulnerability in Windows Components Could Allow Remote Code Execution (2848295) Source: CCN Type: Microsoft Security Bulletin MS14-038Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689) Source: CCN Type: Microsoft Security Bulletin MS09-065Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947) Source: CCN Type: Microsoft Security Bulletin MS10-032Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559) Source: CCN Type: Microsoft Security Bulletin MS10-048Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2160329) Source: CCN Type: Microsoft Security Bulletin MS10-073Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957) Source: CCN Type: Microsoft Security Bulletin MS10-098Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2436673) Source: CCN Type: Microsoft Security Bulletin MS11-012Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628) Source: CCN Type: Microsoft Security Bulletin MS11-034Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223) Source: CCN Type: Microsoft Security Bulletin MS11-041Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2525694) Source: CCN Type: Microsoft Security Bulletin MS11-054Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917) Source: CCN Type: Microsoft Security Bulletin MS11-077Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2567053) Source: CCN Type: Microsoft Security Bulletin MS11-084Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service (2617657) Source: CCN Type: BID-36941Microsoft Windows Kernel GDI Data Validation Local Privilege Escalation Vulnerability Source: CERT Type: US Government ResourceTA09-314A Source: MS Type: UNKNOWNMS09-065 Source: XF Type: UNKNOWNwin-kernel-gdi-priv-escalation(53973) Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:6277 Vulnerable Configuration: Configuration 1 :cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2008:-:gold:itanium:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:*:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:* Configuration CCN 1 :cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:* OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:*:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp1:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:* Denotes that component is vulnerable Oval Definitions BACK
microsoft windows 2000 * sp4
microsoft windows 2003 server * sp2
microsoft windows 2003 server * sp2
microsoft windows 2003 server * sp2
microsoft windows server 2008 *
microsoft windows server 2008 *
microsoft windows server 2008 * sp2
microsoft windows server 2008 * sp2
microsoft windows server 2008 - gold
microsoft windows server 2008 - sp2
microsoft windows vista *
microsoft windows vista *
microsoft windows vista * sp1
microsoft windows vista * sp1
microsoft windows vista * sp2
microsoft windows vista * sp2
microsoft windows xp * sp2
microsoft windows xp * sp3
microsoft windows xp - sp2
microsoft windows 2000 - sp4
microsoft windows xp sp2
microsoft windows vista *
microsoft windows server_2003 sp2
microsoft windows server_2003 sp2
microsoft windows server_2003 sp2
microsoft windows vista -
microsoft windows xp sp2
microsoft windows vista - sp1
microsoft windows vista - sp1
microsoft windows server 2008 -
microsoft windows server 2008 -
microsoft windows server 2008 -
microsoft windows xp sp3
microsoft windows vista - sp2
microsoft windows vista - sp2
microsoft windows server 2008 sp2
microsoft windows server 2008 sp2
microsoft windows server 2008