CVE-2007-1209

NONECVSS 0.0

0.0

Use-after-free vulnerability in the Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a "dangling pointer" to a process data structure.

🔗 References (26)

secure@microsofthttp://research.eeye.com/html/advisories/published/AD20070410b.html
secure@microsofthttp://secunia.com/advisories/24823
secure@microsofthttp://securityreason.com/securityalert/2531
secure@microsofthttp://www.kb.cert.org/vuls/id/219848
secure@microsofthttp://www.osvdb.org/34008
secure@microsofthttp://www.securityfocus.com/archive/1/465233/100/0/threaded
secure@microsofthttp://www.securityfocus.com/archive/1/466331/100/200/threaded
secure@microsofthttp://www.securityfocus.com/bid/23338
secure@microsofthttp://www.securitytracker.com/id?1017897
secure@microsofthttp://www.us-cert.gov/cas/techalerts/TA07-100A.html
secure@microsofthttp://www.vupen.com/english/advisories/2007/1325
secure@microsofthttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-021
secure@microsofthttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1524
af854a3a-2127-422b-91ae-364da2661108http://research.eeye.com/html/advisories/published/AD20070410b.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24823

Is Your Infrastructure Affected by CVE-2007-1209?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-1209

📅 Published

🔄 Last Modified

🔗 References (26)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-1209?