NVD

Id
47420  
Name
CVE-2009-0078  
Description
The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows WMI Service Isolation Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2009-04-15  
Modified Date
2010-08-21  
Seq
2009-0078  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
237286 47420 CVE-2009-0078 oval:org.mitre.oval:def:6193  View
237287 47420 CVE-2009-0078 MS09-012  View
237288 47420 CVE-2009-0078 1022044  View
237289 47420 CVE-2009-0078 TA09-104A  View
237290 47420 CVE-2009-0078 ADV-2009-1026  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
40208 JVNDB-2009-001214 Microsoft Windows の WMI プロバイダーにおける権限昇格の脆弱性 Microsoft Windows の Windows Management Instrumentation (WMI) プロバイダーには、NetworkService または LocalService アカウントで実行されているプロセスを正しく分離しないため、権限を取得される脆弱性が存在します。 CVE-2009-0078 37509 CVE-2009-0078 47420 7.2 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001214.html 2009-04-14 2009-05-14 View