NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2008-1451

Summary	The WINS service on Microsoft Windows 2000 SP4, and Server 2003 SP1 and SP2, does not properly validate data structures in WINS network packets, which allows local users to gain privileges via a crafted packet, aka "Memory Overwrite Vulnerability."
Summary	El servicio WINS en Microsoft Windows 2000 SP4, y Server 2003 SP1 y SP2 no verifica adecuadamente las estructuras de datos en paquetes de red WINS, lo que permite a usuarios locales obtener privilegios a través de un paquete manipulado, también conocida como "Vulnerabilidad de sobrescritura de memoria"
Publication Date	June 12, 2008, 11:32 a.m.
Registration Date	Jan. 29, 2021, 1:34 p.m.
Last Update	April 23, 2026, 9:35 a.m.

CVSS2.0 : HIGH
Score	7.2
Vector	AV:L/AC:L/Au:N/C:C/I:C/A:C
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高
Get all privileges.	はい
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:microsoft:windows_2000:-:sp4::::::
cpe:2.3:o:microsoft:windows_2003_server:-:sp1::::::
cpe:2.3:o:microsoft:windows_2003_server:-:sp2::::::

Related information, measures and tools

No	URL	refsource	タグ
1	http://secunia.com/advisories/30584	secure@microsoft.com
2	http://securitytracker.com/id?1020228	secure@microsoft.com
3	http://www.securityfocus.com/bid/29588	secure@microsoft.com
4	http://www.us-cert.gov/cas/techalerts/TA08-162B.html	secure@microsoft.com
5	http://www.vupen.com/english/advisories/2008/1781	secure@microsoft.com
6	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-034	secure@microsoft.com
7	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5582	secure@microsoft.com
8	http://secunia.com/advisories/30584	af854a3a-2127-422b-91ae-364da2661108
9	http://securitytracker.com/id?1020228	af854a3a-2127-422b-91ae-364da2661108
10	http://www.securityfocus.com/bid/29588	af854a3a-2127-422b-91ae-364da2661108
11	http://www.us-cert.gov/cas/techalerts/TA08-162B.html	af854a3a-2127-422b-91ae-364da2661108
12	http://www.vupen.com/english/advisories/2008/1781	af854a3a-2127-422b-91ae-364da2661108
13	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-034	af854a3a-2127-422b-91ae-364da2661108
14	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5582	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-20	不適切な入力確認	https://cwe.mitre.org/data/definitions/20.html