CVE-2009-0078
Title: Microsoft Windows Server 2008 Auth Bypass
Proof Of Concept
PoC Available for CVE-2009-0078
Vulnerability Summary
CVE-2009-0078: The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows WMI Service Isolation Vulnerability."
Impacted Vendors
Reference Links
AV:L/AC:L/Au:N/C:C/I:C/A:C
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
CVE-2009-0078 Exploits & PoCs (Proof Of Concept)
Vulnerability data updated via NVD.
Vulnerability data or affected products updated.
Vulnerability first announced in NVD.
Attack Vector Matrix
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Stack
No specific products linked.