6.5 Medium
AI Score
Confidence
High
3.6 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
9.4%
\Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft:windows_xp | microsoft windows xp | eq | * |
microsoft:windows_2003_server | microsoft windows 2003 server | eq | sp1 |
secunia.com/advisories/24598
securityreason.com/securityalert/2471
www.osvdb.org/33628
www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=47
www.securityfocus.com/archive/1/463208/100/0/threaded
www.securityfocus.com/bid/23025
www.vupen.com/english/advisories/2007/1031
exchange.xforce.ibmcloud.com/vulnerabilities/33086