CVE-2009-1139
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Memory leak in the LDAP service in Active Directory on Microsoft Windows 2000 SP4 and Server 2003 SP2, and Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2, allows remote attackers to cause a denial of service (memory consumption and service outage) via (1) LDAP or (2) LDAPS requests with unspecified OID filters, aka "Active Directory Memory Leak Vulnerability."
Fuga de memoria en el servicio LDAP en Active Directory en Microsoft Windows 2000 SP4 y Server 2003 SP2, y Active Directory Application Mode (ADAM) en Windows XP SP2 y SP3 y Server 2003 SP2, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y parada del servicio) a través de (1) LDAP o (2) peticiones LDAPS con filtros OID sin especificar, también conocido como "Vulnerabilidad de fuga de memoria en el Directorio Activo"
CVSS Scores
SSVC
- Decision:-
Timeline
- 2009-03-25 CVE Reserved
- 2009-06-10 CVE Published
- 2024-08-07 CVE Updated
- 2024-11-13 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/54938 | Vdb Entry | |
| http://secunia.com/advisories/35355 | Third Party Advisory | |
| http://support.avaya.com/elmodocs2/security/ASA-2009-214.htm | X_refsource_confirm | |
| http://www.securityfocus.com/bid/35225 | Vdb Entry | |
| http://www.securitytracker.com/id?1022349 | Vdb Entry | |
| http://www.us-cert.gov/cas/techalerts/TA09-160A.html | Third Party Advisory | |
| http://www.vupen.com/english/advisories/2009/1537 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6253 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-018 | 2019-04-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Adam Search vendor "Microsoft" for product "Adam" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003" | * | - |
Affected
|
| Microsoft Search vendor "Microsoft" | Adam Search vendor "Microsoft" for product "Adam" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003" | * | sp1 |
Affected
|
| Microsoft Search vendor "Microsoft" | Adam Search vendor "Microsoft" for product "Adam" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003" | * | sp2 |
Affected
|
| Microsoft Search vendor "Microsoft" | Adam Search vendor "Microsoft" for product "Adam" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | professional_x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | Adam Search vendor "Microsoft" for product "Adam" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp2, professional |
Safe
|
| Microsoft Search vendor "Microsoft" | Adam Search vendor "Microsoft" for product "Adam" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp2, professional_x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | Adam Search vendor "Microsoft" for product "Adam" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | - | sp3, professional |
Safe
|
| Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | sp4 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003" | * | sp1, itanium |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003" | * | sp2 |
Affected
| ||||||