CVE-2009-1929
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka "Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability."
Desbordamiento de búfer basado en pila en el control Microsoft Terminal Services Client ActiveX cuando se corre RDP v6.1 en Windows XP SP2, Vista SP1 o SP2, o Server 2008 Gold o SP2; o v5.2 o v6.1 en Windows XP SP3; permite a atacantes remotos ejecutar código de forma arbitraria a través de parámetros sin especificar mediante métodos desconocidos, también conocido como "Vulnerabilidad de desbordamiento de búfer en el control ActiveX en la conexión a escritorio remoto".
CVSS Scores
SSVC
- Decision:-
Timeline
- 2009-06-04 CVE Reserved
- 2009-08-12 CVE Published
- 2024-07-19 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (8)
URL | Tag | Source |
---|---|---|
http://osvdb.org/56912 | Vdb Entry | |
http://www.securitytracker.com/id?1022709 | Vdb Entry | |
http://www.us-cert.gov/cas/techalerts/TA09-223A.html | Third Party Advisory | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6329 | Signature |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.securityfocus.com/bid/35973 | 2023-12-07 | |
http://www.vupen.com/english/advisories/2009/2238 | 2023-12-07 |
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/36229 | 2023-12-07 | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-044 | 2023-12-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | sp2 Search vendor "Microsoft" for product "Windows 2003 Server" and version "sp2" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | sp2 Search vendor "Microsoft" for product "Windows 2003 Server" and version "sp2" | itanium |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | sp2 Search vendor "Microsoft" for product "Windows 2003 Server" and version "sp2" | x64 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | itanium |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | sp2, x64 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | - | x32 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | - | x64 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | - | sp2, itanium |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | - | sp2, x86 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | sp1 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | sp2 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | - | x64 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp2, x64 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | - | sp2 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | - | sp3 |
Affected
|