CVE-2010-1225 - OpenCVE

Vendors	Products
Microsoft	Virtual Pc Virtual Server Windows Virtual Pc

Link	Providers
http://securitytracker.com/id?1023720
http://www.coresecurity.com/content/virtual-pc-2007-hypervisor-memory-protection-bug
http://www.securityfocus.com/archive/1/510154/100/0/threaded
http://www.securityfocus.com/bid/38764

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-03-16T00:00:00", "descriptions": [{"lang": "en", "value": "The memory-management implementation in the Virtual Machine Monitor (aka VMM or hypervisor) in Microsoft Virtual PC 2007 Gold and SP1, Virtual Server 2005 Gold and R2 SP1, and Windows Virtual PC does not properly restrict access from the guest OS to memory locations in the VMM work area, which allows context-dependent attackers to bypass certain anti-exploitation protection mechanisms on the guest OS via crafted input to a vulnerable application. NOTE: the vendor reportedly found that only systems with an otherwise vulnerable application are affected, because \"the memory areas accessible from the guest cannot be leveraged to achieve either remote code execution or elevation of privilege and ... no data from the host is exposed to the guest OS.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20100316 CORE-2009-0803: Virtual PC Hypervisor Memory Protection Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/510154/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.coresecurity.com/content/virtual-pc-2007-hypervisor-memory-protection-bug"}, {"name": "1023720", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1023720"}, {"name": "38764", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38764"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-1225", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The memory-management implementation in the Virtual Machine Monitor (aka VMM or hypervisor) in Microsoft Virtual PC 2007 Gold and SP1, Virtual Server 2005 Gold and R2 SP1, and Windows Virtual PC does not properly restrict access from the guest OS to memory locations in the VMM work area, which allows context-dependent attackers to bypass certain anti-exploitation protection mechanisms on the guest OS via crafted input to a vulnerable application. NOTE: the vendor reportedly found that only systems with an otherwise vulnerable application are affected, because \"the memory areas accessible from the guest cannot be leveraged to achieve either remote code execution or elevation of privilege and ... no data from the host is exposed to the guest OS.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20100316 CORE-2009-0803: Virtual PC Hypervisor Memory Protection Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/510154/100/0/threaded"}, {"name": "http://www.coresecurity.com/content/virtual-pc-2007-hypervisor-memory-protection-bug", "refsource": "MISC", "url": "http://www.coresecurity.com/content/virtual-pc-2007-hypervisor-memory-protection-bug"}, {"name": "1023720", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023720"}, {"name": "38764", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38764"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T01:14:06.668Z"}, "title": "CVE Program Container", "references": [{"name": "20100316 CORE-2009-0803: Virtual PC Hypervisor Memory Protection Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/510154/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.coresecurity.com/content/virtual-pc-2007-hypervisor-memory-protection-bug"}, {"name": "1023720", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1023720"}, {"name": "38764", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/38764"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-1225", "datePublished": "2010-04-01T22:00:00", "dateReserved": "2010-04-01T00:00:00", "dateUpdated": "2024-08-07T01:14:06.668Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:virtual_pc:2007:*:*:*:*:*:*:*", "matchCriteriaId": "0E550D9F-C197-4EA1-A018-73C0E8B03E6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:virtual_pc:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "98616FA1-76B2-40C1-806E-71A4D76CB5D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:virtual_server:2005:*:*:*:*:*:*:*", "matchCriteriaId": "3900BDEA-91E7-4534-8262-4A782BA9C19C", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:virtual_server:2005:r2_sp1:*:*:*:*:*:*", "matchCriteriaId": "C5705C94-8B44-48D7-873B-1909FE2D020E", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:windows_virtual_pc:*:*:*:*:*:*:*:*", "matchCriteriaId": "45C4ADB8-E0D3-465D-9BBF-89F90453EC1F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The memory-management implementation in the Virtual Machine Monitor (aka VMM or hypervisor) in Microsoft Virtual PC 2007 Gold and SP1, Virtual Server 2005 Gold and R2 SP1, and Windows Virtual PC does not properly restrict access from the guest OS to memory locations in the VMM work area, which allows context-dependent attackers to bypass certain anti-exploitation protection mechanisms on the guest OS via crafted input to a vulnerable application. NOTE: the vendor reportedly found that only systems with an otherwise vulnerable application are affected, because \"the memory areas accessible from the guest cannot be leveraged to achieve either remote code execution or elevation of privilege and ... no data from the host is exposed to the guest OS.\""}, {"lang": "es", "value": "La aplicaci\u00f3n de administraci\u00f3n de memoria en Virtual Machine Monitor (alias VMM o hipervisor) en Microsoft Virtual PC 2007 Gold y SP1 y Virtual Server 2005 Gold y R2 SP1 y Windows Virtual PC no restringe adecuadamente el acceso desde el sistema operativo huesped a lugares de memoria en el \u00e1rea de trabajo VMM, lo que permite a atacantes dependientes del contexto pasar por alto ciertos mecanismos de protecci\u00f3n contra la explotaci\u00f3n en el sistema operativo hu\u00e9sped mediante una entrada manipulada para una aplicaci\u00f3n vulnerable. NOTA: el fabricante considera que s\u00f3lo los sistemas con una aplicaci\u00f3n ya vulnerable se ven afectados, ya que \"las \u00e1reas de memoria accesibles desde el hu\u00e9sped no se pueden aprovechar para lograr bien la ejecuci\u00f3n remota de c\u00f3digo o bien la elevaci\u00f3n de privilegios y ... no hay datos del equipo anfitri\u00f3n expuestos al SO hu\u00e9sped. \""}], "id": "CVE-2010-1225", "lastModified": "2018-10-10T19:56:14.470", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-04-01T22:30:00.327", "references": [{"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1023720"}, {"source": "cve@mitre.org", "url": "http://www.coresecurity.com/content/virtual-pc-2007-hypervisor-memory-protection-bug"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/510154/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/38764"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object