Vulnerability Details : CVE-2009-0230
The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka "Print Spooler Load Library Vulnerability."
Products affected by CVE-2009-0230
- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:x64:*
- cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:x64:*
- cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:itanium:*
- cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:x64:*
- cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008:*:*:*:*:*:itanium:*
- cpe:2.3:o:microsoft:windows_server:2008:*:sp2:*:*:*:itanium:*
- cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*
- cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*
Exploit prediction scoring system (EPSS) score for CVE-2009-0230
1.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 84 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-0230
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.0
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
8.0
|
10.0
|
NIST |
CWE ids for CVE-2009-0230
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-0230
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-022
Microsoft Security Bulletin MS09-022 - Critical | Microsoft Learn
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6287
Third Party Advisory
-
http://www.securityfocus.com/bid/35209
Third Party Advisory;VDB Entry
-
http://support.avaya.com/elmodocs2/security/ASA-2009-217.htm
ASA-2009-217 (961501)Third Party Advisory
-
http://www.securitytracker.com/id?1022352
Third Party Advisory;VDB Entry
-
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
Page Not Found | CISAThird Party Advisory;US Government Resource
-
http://www.vupen.com/english/advisories/2009/1541
Webmail: access your OVH emails on ovhcloud.com | OVHcloudThird Party Advisory
Jump to