CVE-2009-2523

The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator, which triggers a heap-based buffer overflow in the LlsrLicenseRequestW method, aka "License Logging Server Heap Overflow Vulnerability."

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.us-cert.gov/cas/techalerts/TA09-314A.html	Third Party Advisory US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-064	Mitigation Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6300	Broken Link

Configurations

Configuration 1 (hide)

cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*

History

09 Feb 2024, 00:24

Type	Values Removed	Values Added
CWE	~~CWE-119~~	CWE-125 CWE-787
References	~~() http://www.us-cert.gov/cas/techalerts/TA09-314A.html - US Government Resource~~	() http://www.us-cert.gov/cas/techalerts/TA09-314A.html - Third Party Advisory, US Government Resource
References	~~() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-064 -~~	() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-064 - Mitigation, Patch, Vendor Advisory
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6300 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6300 - Broken Link

Information

Published : 2009-11-11 19:30

Updated : 2024-02-09 00:24

NVD link : CVE-2009-2523

Mitre link : CVE-2009-2523

CVE.ORG link : CVE-2009-2523

JSON object : View

Products Affected

microsoft

windows_2000

CWE

CWE-125

Out-of-bounds Read

CWE-787

Out-of-bounds Write

{"id": "CVE-2009-2523", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-11-11T19:30:00.407", "references": [{"url": "http://www.us-cert.gov/cas/techalerts/TA09-314A.html", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secure@microsoft.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-064", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6300", "tags": ["Broken Link"], "source": "secure@microsoft.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator, which triggers a heap-based buffer overflow in the LlsrLicenseRequestW method, aka \"License Logging Server Heap Overflow Vulnerability.\""}, {"lang": "es", "value": "El servidor de registro de licencias (llssrv. exe) en Microsoft Windows 2000 SP4 permite a los atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un mensaje RPC que contiene una cadena sin null terminator, que desencadena un desbordamiento de b\u00fafer basado en el mont\u00f3n en el m\u00e9todo LlsrLicenseRequestW, tambi\u00e9n conocido como \"vulnerabilidad de desbordamiento de mont\u00f3n de servidor de registro de licencias.\""}], "lastModified": "2024-02-09T00:24:53.217", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}