Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:11818
HistoryJul 16, 2009 - 12:00 a.m.

Microsoft Virtual PC和Virtual Server本地权限提升漏洞(MS09-033)

2009-07-1600:00:00
Root
www.seebug.org
36

0.014 Low

EPSS

Percentile

84.8%

JSON

BUGTRAQ ID: 35601
CVE(CAN) ID: CVE-2009-1542

Microsoft Virtual PC和Virtual Server都是流行的虚拟机工具,允许在同一台计算机上运行多个操作系统。

Virtual PC和Virtual Server在Virtual Machine Monitor中执行特定指令时没有正确地验证权限级别,可能允许攻击者在承载的Guest操作系统中以提升的权限执行代码。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。

Microsoft Virtual PC 2007 SP1
Microsoft Virtual PC 2007
Microsoft Virtual PC 2004 SP1
Microsoft Virtual Server 2005 R2 SP1
厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS09-033)以及相应补丁:
MS09-033:Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (969856)
链接:http://www.microsoft.com/technet/security/bulletin/MS09-033.mspx?pf=true

Related

prion 1
nessus 1
openvas 2
cve 1
securityvulns 2
prion
prion
Information disclosure
2009-07-15 15:30:00
nessus
nessus
MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (969856)
2009-07-14 00:00:00
openvas
openvas
Microsoft Virtual PC/Server Privilege Escalation Vulnerability (969856)
2009-07-15 00:00:00
Microsoft Virtual PC/Server Privilege Escalation Vulnerability (969856)
2009-07-15 00:00:00
cve
cve
CVE-2009-1542
2009-07-15 15:30:00
securityvulns
securityvulns
Microsoft Virtual PC / Microsoft Virtual Server privilege escalation
2009-07-15 00:00:00
Microsoft Security Bulletin MS09-033 - Important Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (969856)
2009-07-15 00:00:00

0.014 Low

EPSS

Percentile

84.8%

JSON
Related for SSV:11818
prion1nessus1openvas2cve1securityvulns2