CVE-2009-1125

{"id": "CVE-2009-1125", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-06-10T18:30:00.360", "references": [{"url": "http://osvdb.org/54942", "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/35372", "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/bid/35240", "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1022359", "source": "secure@microsoft.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html", "tags": ["US Government Resource"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2009/1544", "source": "secure@microsoft.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-025", "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5912", "source": "secure@microsoft.com"}, {"url": "http://osvdb.org/54942", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/35372", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/35240", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1022359", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2009/1544", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-025", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5912", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application, aka \"Windows Driver Class Registration Vulnerability.\""}, {"lang": "es", "value": "The kernel en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 SP2, no valida adecuadamente un argumento de una llamada de sistema inespec\u00edfica, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada, tambi\u00e9n conocido como \"Vulnerabilidad de Registro de Clase de Driver de Windows\"."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:sp2:x32:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9517571A-BC1A-4838-A094-30081A86D36C"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:sp2:x64:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD7CA7F0-9C4D-4172-91BD-90A8C86EE337"}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5"}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878"}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}