{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-10-14T00:00:00", "descriptions": [{"lang": "en", "value": "The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate parameters sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, aka \"Windows Kernel Memory Corruption Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "SSRT080143", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"name": "32247", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32247"}, {"name": "win-kernel-input-privilege-escalation(45543)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45543"}, {"name": "MS08-061", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-061"}, {"name": "oval:org.mitre.oval:def:6045", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6045"}, {"name": "win-ms08kb954211-update(45544)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45544"}, {"name": "HPSBST02379", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"name": "ADV-2008-2812", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2812"}, {"name": "1021046", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021046"}, {"name": "TA08-288A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html"}, {"name": "31652", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31652"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2008-2252", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate parameters sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, aka \"Windows Kernel Memory Corruption Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "SSRT080143", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"name": "32247", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32247"}, {"name": "win-kernel-input-privilege-escalation(45543)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45543"}, {"name": "MS08-061", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-061"}, {"name": "oval:org.mitre.oval:def:6045", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6045"}, {"name": "win-ms08kb954211-update(45544)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45544"}, {"name": "HPSBST02379", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"name": "ADV-2008-2812", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2812"}, {"name": "1021046", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021046"}, {"name": "TA08-288A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html"}, {"name": "31652", "refsource": "BID", "url": "http://www.securityfocus.com/bid/31652"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:58:01.671Z"}, "title": "CVE Program Container", "references": [{"name": "SSRT080143", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"name": "32247", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32247"}, {"name": "win-kernel-input-privilege-escalation(45543)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45543"}, {"name": "MS08-061", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-061"}, {"name": "oval:org.mitre.oval:def:6045", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6045"}, {"name": "win-ms08kb954211-update(45544)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45544"}, {"name": "HPSBST02379", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"name": "ADV-2008-2812", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2812"}, {"name": "1021046", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021046"}, {"name": "TA08-288A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html"}, {"name": "31652", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/31652"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2008-2252", "datePublished": "2008-10-15T00:00:00", "dateReserved": "2008-05-16T00:00:00", "dateUpdated": "2024-08-07T08:58:01.671Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "43D64F8D-975A-4A5B-BEDF-D27D65C96A29", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:itanium:*", "matchCriteriaId": "72CC2D03-538A-4603-B4FF-C6930F9D7E20", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:x64:*", "matchCriteriaId": "7B311834-DF02-4F7A-B960-E4C1C7519A39", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:itanium:*:*:*:*:*", "matchCriteriaId": "DBE4A4EA-A0DE-4FDE-B9EC-D8729E17A1F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:x64:*", "matchCriteriaId": "51160A46-6768-44D5-89CD-6DB9D2268A2E", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:x64:*", "matchCriteriaId": "7211B5C5-6B6E-4A33-88BC-1D64CD684204", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:x64:*", "matchCriteriaId": "949AD335-71B5-4C93-8698-6C17119CE7A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:x64:*", "matchCriteriaId": "BADB0479-3E0E-4326-B568-9DBDCACF0B5E", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate parameters sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, aka \"Windows Kernel Memory Corruption Vulnerability.\""}, {"lang": "es", "value": "El kernel de Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1 y Server 2008 no valida correctamente los par\u00e1metros enviados por el modo usuario al kernel, lo que permite a usuarios locales obtener privilegios mediante una aplicaci\u00f3n manipulada, tambi\u00e9n conocida como \"Windows Kernel Memory Corruption Vulnerability (Vulnerabilidad de Corrupci\u00f3n de Memoria del Kernel de Windows)\"."}], "id": "CVE-2008-2252", "lastModified": "2019-10-09T22:55:38.673", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-10-15T00:12:15.693", "references": [{"source": "secure@microsoft.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/32247"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/31652"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1021046"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html"}, {"source": "secure@microsoft.com", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2008/2812"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-061"}, {"source": "secure@microsoft.com", "tags": ["VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45543"}, {"source": "secure@microsoft.com", "tags": ["VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45544"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6045"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}