Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-0320
HistoryJan 28, 2009 - 6:30 p.m.

CVE-2009-0320

2009-01-2818:30:00
CWE-200
CWE-362
[email protected]
web.nvd.nist.gov

4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:C/I:N/A:N

6.2 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.1%

JSON

Microsoft Windows XP, Server 2003 and 2008, and Vista exposes I/O activity measurements of all processes, which allows local users to obtain sensitive information, as demonstrated by reading the I/O Other Bytes column in Task Manager (aka taskmgr.exe) to estimate the number of characters that a different user entered at a runas.exe password prompt, related to a “benchmarking attack.”

Affected configurations

NVD
Node
microsoftwindows_server_2003
OR
microsoftwindows_server_2008
OR
microsoftwindows_vista
OR
microsoftwindows_xp

Related

openvas 2
prion 1
cvelist 1
cve 1
openvas
openvas
MS Windows taskmgr.exe Information Disclosure Vulnerability
2009-02-03 00:00:00
Microsoft Windows taskmgr.exe Information Disclosure Vulnerability
2009-02-03 00:00:00
prion
prion
Design/Logic Flaw
2009-01-28 18:30:00
cvelist
cvelist
CVE-2009-0320
2009-01-28 18:00:00
cve
cve
CVE-2009-0320
2009-01-28 18:30:00

4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:C/I:N/A:N

6.2 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.1%

JSON
Related for NVD:CVE-2009-0320
openvas2prion1cvelist1cve1