ID CVE-2009-2517
Summary The kernel in Microsoft Windows Server 2003 SP2 does not properly handle unspecified exceptions when an error condition occurs, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
CVSS
Base: 4.9 (as of 12-10-2018 - 21:52)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:C
oval via4
accepted 2009-11-30T04:00:54.388-05:00
class vulnerability
contributors
name Dragos Prisaca
organization Gideon Technologies, Inc.
definition_extensions
comment Microsoft Windows Server 2003 SP2 (x86) is installed
oval oval:org.mitre.oval:def:1935
description The kernel in Microsoft Windows Server 2003 SP2 does not properly handle unspecified exceptions when an error condition occurs, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability."
family windows
id oval:org.mitre.oval:def:6512
status accepted
submitted 2009-10-13T13:00:00
title Windows Kernel Exception Handler Vulnerability
version 66
refmap via4
cert TA09-286A
ms MS09-058
Last major update 12-10-2018 - 21:52
Published 14-10-2009 - 10:30
Back to Top