SB2009060901 - Multiple priviledge escalation vulnerabilities in Microsoft Windows

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2009060901

SB2009060901 - Multiple priviledge escalation vulnerabilities in Microsoft Windows

Published: June 9, 2009 Updated: March 16, 2017

Security Bulletin ID SB2009060901
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Medium 25% Low 75%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 vulnerabilities.


1) Privilege escalation (CVE-ID: CVE-2009-1126)

CWE-ID: CWE-233 - Improper Handling of Parameters

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear


The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to improper validation of user-mode input. By running a malicious application, a local attacker can edit an unspecified desktop parameter and execute arbitrary code in kernel mode.

Successful exploitation of the vulnerability results in privilege escalation allowing to execute arbitrary code and take complete control of an affected system.

2) Privilege escalation (CVE-ID: CVE-2009-1125)

CWE-ID: CWE-622 - Improper Validation of Function Hook Argument

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to improper validation of an argument to an unspecified system call. By running a malicious application, a local attacker can submit malformed calls to the Windows Kernel and execute arbitrary code in kernel mode.

Successful exploitation of the vulnerability results in privilege escalation allowing to execute arbitrary code and take complete control of an affected system.

3) Privilege escalation (CVE-ID: CVE-2009-1124)

CWE-ID: CWE-822 - Untrusted Pointer Dereference

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to improper validation of changes in certain kernel objects. By running a malicious application, a local attacker can submit malformed calls to the Windows Kernel and execute arbitrary code in kernel mode.

Successful exploitation of the vulnerability results in privilege escalation allowing to execute arbitrary code and take complete control of an affected system.

4) Privilege escalation (CVE-ID: CVE-2009-1123)

CWE-ID: CWE-822 - Untrusted Pointer Dereference

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Green


The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to improper validation of changes in certain kernel objects. By running a malicious application, a local attacker can submit malformed calls to the Windows Kernel and execute arbitrary code in kernel mode.

Successful exploitation of the vulnerability results in privilege escalation allowing to execute arbitrary code and take complete control of an affected system.

Note: according to reports this vulnerability was being actively exploited before Microsoft issued security patch.

Remediation

Install update from vendor's website.

References