Microsoft Active Directory Federation Services Header Validation Remote Code Execution Vulnerability

Bugtraq ID: 37214
Class: Design Error
CVE: CVE-2009-2509
Remote: Yes
Local: No
Published: Dec 08 2009 12:00AM
Updated: Dec 09 2009 08:44PM
Credit: Microsoft
Vulnerable: Microsoft Windows Server 2008 Standard Edition SP2
Microsoft Windows Server 2008 Standard Edition 0
Microsoft Windows Server 2008 R2 Datacenter 0
Microsoft Windows Server 2008 for x64-based Systems SP2
Microsoft Windows Server 2008 for x64-based Systems R2
Microsoft Windows Server 2008 for x64-based Systems 0
Microsoft Windows Server 2008 for 32-bit Systems SP2
Microsoft Windows Server 2008 for 32-bit Systems 0
Microsoft Windows Server 2008 Enterprise Edition SP2
Microsoft Windows Server 2008 Enterprise Edition 0
Microsoft Windows Server 2008 Datacenter Edition SP2
Microsoft Windows Server 2008 Datacenter Edition 0
Microsoft Windows Server 2008 SP2 Beta
Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Server 2003 x64 SP1
Microsoft Windows Server 2003 Web Edition SP2
Microsoft Windows Server 2003 Web Edition SP1
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Standard x64 Edition
Microsoft Windows Server 2003 Standard Edition SP2
Microsoft Windows Server 2003 Standard Edition SP1
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Enterprise x64 Edition SP2
Microsoft Windows Server 2003 Enterprise x64 Edition
Microsoft Windows Server 2003 Enterprise Edition SP1
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Datacenter x64 Edition SP2
Microsoft Windows Server 2003 Datacenter x64 Edition
Microsoft Windows Server 2003 Datacenter Edition SP1
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2008 R2
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus