[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-1542Date: (C)2009-07-15   (M)2023-12-22


The Virtual Machine Monitor (VMM) in Microsoft Virtual PC 2004 SP1, 2007, and 2007 SP1, and Microsoft Virtual Server 2005 R2 SP1, does not enforce CPU privilege-level requirements for all machine instructions, which allows guest OS users to execute arbitrary kernel-mode code and gain privileges within the guest OS via a crafted application, aka "Virtual PC and Virtual Server Privileged Instruction Decoding Vulnerability."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.0
Exploit Score: 8.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1022544
SECUNIA-35808
ADV-2009-1890
MS09-033
TA09-195A
oval:org.mitre.oval:def:6166

CPE    3
cpe:/a:microsoft:virtual_pc:2007
cpe:/a:microsoft:virtual_pc:2004:sp1
cpe:/a:microsoft:virtual_pc:2007:sp1
CWE    1
CWE-264
OVAL    2
oval:org.mitre.oval:def:6166
oval:org.secpod.oval:def:2639

© SecPod Technologies