Lucene search
Immunity CanvasMS08_049HistoryAug 13, 2008 - 12:42 p.m.
Immunity Canvas: MS08_049
2008-08-1312:42:00
Immunity Canvas
exploitlist.immunityinc.com
24
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.224 Low
EPSS
Percentile
96.0%
| Name | ms08_049 |
|---|---|
| CVE | CVE-2008-1457 Exploit Pack |
| VENDOR: Microsoft | |
| Notes: Due to the fact that the svchost.exe instance where the EventSystem service is running is DEP protected, and that all loaded DLLs have GS cookies and SafeSEH enabled, the stack overflow can only be exploit when DEP is AlwaysOff (at least at the current state of our knowledge) | |
| Repeatability: One Shot | |
| MSRC: http://www.microsoft.com/technet/security/bulletin/ms08-049.mspx | |
| MSADV: MS08-049 | |
| CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1457 | |
| Date public: 08/12/2008 | |
| CVSS: 9.0 |
Related
seebug
seebug
Microsoft Windows事件系统用户订阅请求权限提升漏洞(MS08-049)
2008-08-15 00:00:00
cvelist
cvelist
CVE-2008-1457
2008-08-13 10:00:00
prion
prion
Cross site request forgery (csrf)
2008-08-13 12:42:00
cve
cve
CVE-2008-1457
2008-08-13 12:42:00
nessus
nessus
openvas
openvas
Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
2008-08-19 00:00:00
Vulnerabilities in Event System Could Allow Remote Code Execution (950974)
2008-08-19 00:00:00
securityvulns
securityvulns
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.224 Low
EPSS
Percentile
96.0%
Related for MS08_049