CVE-2009-1544

CWE-399 CWE-4153 documents3 sources

Severity

8.8HIGH

EPSS

32.4%

top 3.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 2003 Server

Timeline

PublishedAug 12

Latest updateMay 2

Description

Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted RPC message to a Vista Gold, SP1, or SP2 or Server 2008 Gold or SP2 system, aka "Workstation Service Memory Corruption Vulnerability."

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

▶NVDmicrosoft/windows_2003_serversp2

🔴Vulnerability Details

GHSA

GHSA-f74f-9cfw-p3xj: Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC messa↗2022-05-02

▶

CVEList

CVE-2009-1544: Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC messa↗2009-08-12

▶