Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:775933
HistoryApr 13, 2005 - 12:00 a.m.

Microsoft Windows Kernel Vulnerability

2005-04-1300:00:00
www.kb.cert.org
25

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

12.3%

JSON

Overview

A privilege elevation vulnerability exists in the way that the Windows’ kernel processes certain access requests. This vulnerability could allow a logged on user to take complete control of the system.

Description

A locally authenticated user could potentially exploit a vulnerability in the way that the Windows’ kernel processes certain access requests. Microsoft indicates that this vulnerability could not be exploited remotely. For more information see the Microsoft bulletin MS05-018.

Impact

A locally authenticated user could potentially execute arbitrary code with elevated privileges allowing them to gain complete control of the system.

Solution

Apply a patch

Microsoft has published Microsoft Security Bulletin MS05-018 in response to this issue. Users are strongly encouraged to review this advisory and apply the patches it refers to.

Vendor Information

775933

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Microsoft Corporation __ Affected

Updated: April 13, 2005

Status

Affected

Vendor Statement

For more information please see Microsoft bulletin MS05-018 available at: <http://www.microsoft.com/technet/security/bulletin/MS05-018.mspx&gt;

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23775933 Feedback>).

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

<http://www.microsoft.com/technet/security/bulletin/MS05-018.mspx&gt;

Acknowledgements

Thanks to Microsoft who in turn thank Sanjeev Radhakrishnan, Amit Joshi, and Ananta Iyengar with GreenBorder Technologies for reporting the Windows Kernel Vulnerability

This document was written by Robert Mead based on information provided by Microsoft.

Other Information

CVE IDs: CVE-2005-0061
Severity Metric: 2.43 Date Public:

Related

cve 1
nessus 1
securityvulns 1
cve
cve
CVE-2005-0061
2005-05-02 04:00:00
nessus
nessus
MS05-018: Vulnerabilities in Windows Kernel (890859)
2005-04-12 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS05-018 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service &#40;890859&#41;
2005-04-13 00:00:00

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

12.3%

JSON
Related for VU:775933
cve1nessus1securityvulns1