Vulnerability Details : CVE-2009-2653
Potential exploit
The NtUserConsoleControl function in win32k.sys in Microsoft Windows XP SP2 and SP3, and Server 2003 before SP1, allows local administrators to bypass unspecified "security software" and gain privileges via a crafted call that triggers an overwrite of an arbitrary memory location. NOTE: the vendor disputes the significance of this report, stating that 'the Administrator to SYSTEM "escalation" is not a security boundary we defend.
Products affected by CVE-2009-2653
- cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-2653
1.84%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 81 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-2653
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
CWE ids for CVE-2009-2653
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-2653
-
http://www.ntinternals.org/index.html#09_07_30
Web Page Under ConstructionExploit
-
http://www.exploit-db.com/exploits/9301
Microsoft Windows XP - 'win32k.sys' Local Privilege Escalation - Windows local Exploit
-
http://blogs.technet.com/srd/archive/2009/06/11/latest-baidu-public-posting-requires-adminisrator-to-elevate.aspx
Microsoft Learn: Build skills that open doors in your career
-
http://securitytracker.com/id?1022630
securitytracker.com
-
http://osvdb.org/56780
-
http://hi.baidu.com/azy0922/blog/item/f950cbc2890729130ef47783.html
如流,新一代智能工作平台Exploit
Jump to