Microsoft Windows Thread Pool ACL Local Privilege Escalation Vulnerability

Bugtraq ID: 34444
Class: Design Error
CVE: CVE-2009-0080
Remote: No
Local: Yes
Published: Apr 14 2009 12:00AM
Updated: Apr 17 2009 02:56PM
Credit: Cesar Cerrudo of Argeniss
Vulnerable: Microsoft Windows Vista x64 Edition SP1
Microsoft Windows Vista x64 Edition 0
Microsoft Windows Vista Ultimate 64-bit edition SP1
Microsoft Windows Vista Ultimate 64-bit edition 0
Microsoft Windows Vista Home Premium 64-bit edition SP1
Microsoft Windows Vista Home Premium 64-bit edition 0
Microsoft Windows Vista Home Basic 64-bit edition SP1
Microsoft Windows Vista Home Basic 64-bit edition 0
Microsoft Windows Vista Enterprise 64-bit edition SP1
Microsoft Windows Vista Enterprise 64-bit edition 0
Microsoft Windows Vista December CTP
Microsoft Windows Vista Business 64-bit edition SP1
Microsoft Windows Vista Business 64-bit edition 0
Microsoft Windows Vista Ultimate SP1
Microsoft Windows Vista Ultimate
Microsoft Windows Vista SP2 Beta
Microsoft Windows Vista SP1
Microsoft Windows Vista Home Premium SP1
Microsoft Windows Vista Home Premium
Microsoft Windows Vista Home Basic SP1
Microsoft Windows Vista Home Basic
Microsoft Windows Vista Enterprise SP1
Microsoft Windows Vista Enterprise
Microsoft Windows Vista Business SP1
Microsoft Windows Vista Business
Microsoft Windows Vista beta 2
Microsoft Windows Vista Beta 1
Microsoft Windows Vista Beta
Microsoft Windows Vista 0
Microsoft Windows Server 2008 Standard Edition Release Candidate
Microsoft Windows Server 2008 Standard Edition 0
Microsoft Windows Server 2008 R2 Datacenter 0
Microsoft Windows Server 2008 for x64-based Systems 0
Microsoft Windows Server 2008 for Itanium-based Systems 0
Microsoft Windows Server 2008 for 32-bit Systems 0
Microsoft Windows Server 2008 Enterprise Edition Release Candidate
Microsoft Windows Server 2008 Enterprise Edition 0
Microsoft Windows Server 2008 Datacenter Edition Release Candidate
Microsoft Windows Server 2008 Datacenter Edition 0
Microsoft Windows Server 2008 SP2 Beta
Avaya Messaging Application Server MM 3.1
Avaya Messaging Application Server MM 3.0
Avaya Messaging Application Server MM 2.0
Avaya Messaging Application Server MM 1.1
Avaya Messaging Application Server 0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus