Lucene search

PRIOn knowledge basePRION:CVE-2008-1451

HistoryJun 12, 2008 - 2:32 a.m.

Memory corruption

2008-06-1202:32:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

The WINS service on Microsoft Windows 2000 SP4, and Server 2003 SP1 and SP2, does not properly validate data structures in WINS network packets, which allows local users to gain privileges via a crafted packet, aka “Memory Overwrite Vulnerability.”

CPENameOperatorVersion
windows_2000eq- sp4
windows_2003_servereq- sp2
windows_2003_servereq- sp1

Name	Operator	Version
windows_2000	eq	- sp4
windows_2003_server	eq	- sp2
windows_2003_server	eq	- sp1

References

secunia.com/advisories/30584

securitytracker.com/id?1020228

www.securityfocus.com/bid/29588

www.us-cert.gov/cas/techalerts/TA08-162B.html

www.vupen.com/english/advisories/2008/1781

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-034

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5582

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for PRION:CVE-2008-1451