New Search

MSMQ Null Pointer Vulnerability

oval:org.mitre.oval:def:6109

The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4 XP SP2 Server 2003 SP2 and Vista Gold does not properly validate unspecified IOCTL request data from user mode before passing this data to kernel mode which allows local users to gain privileges via a crafted request aka "MSMQ Null Pointer Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
  • Microsoft Windows Vista
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2009-1922
Product(s):