CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 1CVE-2008-1931
https://notcve.org/view.php?id=CVE-2008-1931
Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allow local users to create, write, and read registry keys via a crafted IOCTL request. Los Drivers para los Codec de Audio de Realtek HD, RTKVHDA.sys y RTKVHDA64.sys, versiones anteriores a 6.0.1.5605 en Windows Vista, permite a usuarios locales crear, escribir y registrar claves a través de una petición IOCTL manipulada. • http://secunia.com/advisories/29953 http://www.securityfocus.com/archive/1/491249/100/0/threaded http://www.securityfocus.com/bid/28909 http://www.vupen.com/english/advisories/2008/1350/references http://www.wintercore.com/advisories/advisory_W010408.html https://exchange.xforce.ibmcloud.com/vulnerabilities/41976 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 1CVE-2008-1932
https://notcve.org/view.php?id=CVE-2008-1932
Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allows local users to execute arbitrary code via a crafted IOCTL request. Desbordamiento de entero en los controladores RTKVHDA.sys y RTKVHDA64.sys del Codec de audio Realtek HD anterior a la version 6.0.1.5605 en Windows Vista permite a usuarios locales ejecutar código arbitrario mediante la creación de respuestas IOCTL manipuladas. • http://secunia.com/advisories/29953 http://www.securityfocus.com/archive/1/491249/100/0/threaded http://www.securityfocus.com/bid/28909 http://www.vupen.com/english/advisories/2008/1350/references http://www.wintercore.com/advisories/advisory_W010408.html https://exchange.xforce.ibmcloud.com/vulnerabilities/42079 • CWE-189: Numeric Errors •
CVSS: 9.0EPSS: 94%CPEs: 13EXPL: 2CVE-2008-1436 – Microsoft Windows - 'SeImpersonatePrivilege' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2008-1436
Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent attackers to gain privileges by using one service process to capture a resource from a second service process that has a LocalSystem privilege-escalation ability, related to improper management of the SeImpersonatePrivilege user right, as originally reported for Internet Information Services (IIS), aka Token Kidnapping. Microsoft Windows XP Professional SP2, vista y Server 2003 y 2008 no asignan apropiadamente las actividades a las cuentas (1) NetworkService y (2) LocalService, lo que podría permitir que los atacantes dependientes del contexto consigan privilegios mediante el uso de un proceso de servicio para capturar un recurso de un segundo proceso de servicio que tiene una capacidad de escalado de privilegios LocalSystem, relacionada con la administración inadecuada del derecho de usuario SeImpersonatePrivilege, como se informó originalmente para Internet Information Services (IIS), también se conoce como token Secuestro. • https://www.exploit-db.com/exploits/31667 http://blogs.technet.com/msrc/archive/2008/04/17/msrc-blog-microsoft-security-advisory-951306.aspx http://isc.sans.org/diary.html?storyid=4306 http://milw0rm.com/sploits/2008-Churrasco.zip http://nomoreroot.blogspot.com/2008/10/windows-2003-poc-exploit-for-token.html http://secunia.com/advisories/29867 http://securitywatch.eweek.com/flaws/microsoft_belatedly_admits_to_windows_server_2008_token_kidnapping.html http://www.argeniss.com/research/Churrasc • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 96%CPEs: 4EXPL: 1CVE-2008-0927 – Novell eDirectory < 8.7.3 SP 10 / 8.8.2 - HTTP headers Denial of Service
https://notcve.org/view.php?id=CVE-2008-0927
dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values. NOTE: this might be similar to CVE-2008-1777. El archivo dhost.exe en Novell eDirectory versión 8.7.3 anterior a las versiones sp10 y 8.8.2 permite a los atacantes remotos provocar una denegación de servicio (consumo de CPU) por medio de una petición HTTP con (1) varios encabezados de conexión o (2) un encabezado de conexión con varios valores separados por comas. NOTA: esta vulnerabilidad podría ser similar a CVE-2008-1777. Novell eDirectory versions below 8.7.3 SP 10 and versions below 8.8.2 suffer from a denial of service related vulnerability. • https://www.exploit-db.com/exploits/5547 http://secunia.com/advisories/29805 http://www.novell.com/support/viewContent.do?externalId=3829452&sliceId=1 http://www.securityfocus.com/archive/1/491622/100/0/threaded http://www.securityfocus.com/bid/28757 http://www.securitytracker.com/id?1019836 http://www.vupen.com/english/advisories/2008/1217/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41787 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 84%CPEs: 16EXPL: 0CVE-2008-1086
https://notcve.org/view.php?id=CVE-2008-1086
The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, which triggers memory corruption. El HxTocCtrl ActiveX control (hxvz.dll), usado en Microsoft Internet Explorer 5.01 SP4 y 6 SP1, en Windows XP SP2, Server 2003 SP1 y SP2, Vista SP1 y Server 2008, permite a atacantes remotos ejecutar código de su elección a través de argumentos mal formados, lo que dispara una corrupción de memoria. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=680 http://marc.info/?l=bugtraq&m=120845064910729&w=2 http://secunia.com/advisories/29714 http://www.securityfocus.com/bid/28606 http://www.securitytracker.com/id?1019800 http://www.us-cert.gov/cas/techalerts/TA08-099A.html http://www.vupen.com/english/advisories/2008/1147/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-023 https://exchange.xforce.ibmcloud.com/vulnerabilities/4 • CWE-94: Improper Control of Generation of Code ('Code Injection') •