CVE-2009-2653

Severity

46%

Complexity

39%

Confidentiality

106%

** DISPUTED ** The NtUserConsoleControl function in win32k.sys in Microsoft Windows XP SP2 and SP3, and Server 2003 before SP1, allows local administrators to bypass unspecified "security software" and gain privileges via a crafted call that triggers an overwrite of an arbitrary memory location. NOTE: the vendor disputes the significance of this report, stating that 'the Administrator to SYSTEM "escalation" is not a security boundary we defend.'

** DISPUTED ** The NtUserConsoleControl function in win32k.sys in Microsoft Windows XP SP2 and SP3, and Server 2003 before SP1, allows local administrators to bypass unspecified "security software" and gain privileges via a crafted call that triggers an overwrite of an arbitrary memory location. NOTE: the vendor disputes the significance of this report, stating that 'the Administrator to SYSTEM "escalation" is not a security boundary we defend.'

CVSS 2.0 Base Score 4.6. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

Microsoft Windows

First reported 15 years ago

2009-08-03 14:30:00

Last updated 7 years ago

2017-09-19 01:29:00

Affected Software

Microsoft Windows Server 2003

Microsoft Windows XP Service Pack 2

Microsoft Windows XP Service Pack 3

References

http://blogs.technet.com/srd/archive/2009/06/11/latest-baidu-public-posting-requires-adminisrator-to-elevate.aspx

http://hi.baidu.com/azy0922/blog/item/f950cbc2890729130ef47783.html

Exploit

56780

1022630

9301

http://www.ntinternals.org/index.html#09_07_30

Exploit

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.