{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-06-09T00:00:00", "descriptions": [{"lang": "en", "value": "The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka \"Print Spooler Load Library Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-217.htm"}, {"name": "ADV-2009-1541", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1541"}, {"name": "35209", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/35209"}, {"name": "54934", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54934"}, {"name": "TA09-160A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html"}, {"name": "MS09-022", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-022"}, {"name": "oval:org.mitre.oval:def:6287", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6287"}, {"name": "35365", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35365"}, {"name": "1022352", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1022352"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2009-0230", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka \"Print Spooler Load Library Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-217.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-217.htm"}, {"name": "ADV-2009-1541", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1541"}, {"name": "35209", "refsource": "BID", "url": "http://www.securityfocus.com/bid/35209"}, {"name": "54934", "refsource": "OSVDB", "url": "http://osvdb.org/54934"}, {"name": "TA09-160A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html"}, {"name": "MS09-022", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-022"}, {"name": "oval:org.mitre.oval:def:6287", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6287"}, {"name": "35365", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35365"}, {"name": "1022352", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022352"}]}}}}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2009-0230", "datePublished": "2009-06-10T17:37:00", "dateReserved": "2009-01-20T00:00:00", "dateUpdated": "2018-10-12T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:itanium:*", "matchCriteriaId": "39F303CD-DB64-4FE6-AB4F-461E5E8AFB83", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:x64:*", "matchCriteriaId": "17804445-2C63-4381-A721-7F3BB3DC645F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server:2008:*:*:*:*:*:itanium:*", "matchCriteriaId": "EF19CAA4-DAF7-4237-9F1F-153E28E19A01", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server:2008:*:sp2:*:*:*:itanium:*", "matchCriteriaId": "E8C46066-5DDF-4FB1-8EEC-CDFA8D588DB6", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B33C9BD-FC34-4DFC-A81F-C620D3DAA79D", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*", "matchCriteriaId": "BAB70FD5-09F3-4215-99C4-299EDE8D26DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0C28897B-044A-447B-AD76-6397F8190177", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:x64:*", "matchCriteriaId": "06E7E0F7-AA6F-477C-AAA7-C0419CD2F3BC", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:x64:*", "matchCriteriaId": "ABBA5D64-4184-4420-B7D0-A4E41359AA5A", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka \"Print Spooler Load Library Vulnerability.\""}, {"lang": "es", "value": "La cola de impresi\u00f3n de Windows en Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 SP2 permite a usuraio autenticados remotamente obtener privilegios a trav\u00e9s de un mensaje RCP manipulado que lanza la carga de un archivo DLL desde un directorio de su elecci\u00f3n, tambi\u00e9n conocido como \"Vulnerabilidad en la carga librer\u00eda de la cola de impresi\u00f3n\"."}], "id": "CVE-2009-0230", "lastModified": "2018-10-12T21:50:17.270", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-06-10T18:00:00.280", "references": [{"source": "secure@microsoft.com", "tags": ["Broken Link"], "url": "http://osvdb.org/54934"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35365"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-217.htm"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/35209"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1022352"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2009/1541"}, {"source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-022"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6287"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}