Integer overflow in Memory Manager in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that triggers an erroneous decrement of a variable, related to validation of parameters for Virtual Address Descriptors (VADs) and a "memory allocation mapping error," aka "Virtual Address Descriptor Elevation of Privilege Vulnerability."
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:50
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=122479227205998&w=2 - | |
References | () http://secunia.com/advisories/32251 - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/31675 - Patch | |
References | () http://www.securitytracker.com/id?1021051 - | |
References | () http://www.us-cert.gov/cas/techalerts/TA08-288A.html - US Government Resource | |
References | () http://www.vupen.com/english/advisories/2008/2815 - | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-064 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/45571 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/45572 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5343 - |
15 Oct 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 8.4 |
CWE | CWE-190 |
07 Dec 2023, 18:38
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:* |
Information
Published : 2008-10-15 00:12
Updated : 2024-11-21 00:50
NVD link : CVE-2008-4036
Mitre link : CVE-2008-4036
CVE.ORG link : CVE-2008-4036
JSON object : View
Products Affected
microsoft
- windows_server_2008
- windows_server_2003
- windows_xp
- windows_vista