CVE-2009-0229

CWE-200 — Information Exposure3 documents3 sources

Severity

4.9MEDIUM

EPSS

3.0%

top 13.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 2000 Microsoft Windows 2003 Server Microsoft Windows Server 2008 +2 more

Timeline

PublishedJun 10

Latest updateMay 2

Description

The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka "Print Spooler Read File Vulnerability."

CVSS vector

AV:L/AC:L/C:C/I:N/A:NExploitability: 3.9 | Impact: 6.9

Affected Packages5 packages

▶NVDmicrosoft/windows_2003_serversp2

▶NVDmicrosoft/windows_2000sp4

▶NVDmicrosoft/windows_vistagold, sp1, sp2+2

▶NVDmicrosoft/windowssp2

▶NVDmicrosoft/windows_xpsp3

🔴Vulnerability Details

GHSA

GHSA-9v3g-8955-wqqq: The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows loca↗2022-05-02

▶

CVEList

CVE-2009-0229: The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows loca↗2009-06-10

▶