cvelistv5 - cve-2009-0550

CVE-2009-0550 (GCVE-0-2009-0550)

Vulnerability from cvelistv5

Published

2009-04-15 03:49

Modified

2024-08-07 04:40

Severity ?

CWE

Summary

Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008; allows remote web servers to capture and replay NTLM credentials, and execute arbitrary code, via vectors related to absence of a "credential-reflection protections" opt-in step, aka "Windows HTTP Services Credential Reflection Vulnerability" and "WinINet Credential Reflection Vulnerability."

References

URL

Tags

	http://www.vupen.com/english/advisories/2009/1028	vdb-entry, x_refsource_VUPEN
	http://osvdb.org/53619	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/34677	third-party-advisory, x_refsource_SECUNIA
	http://www.us-cert.gov/cas/techalerts/TA09-104A.html	third-party-advisory, x_refsource_CERT
	http://www.securitytracker.com/id?1022041	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/34678	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6233	vdb-entry, signature, x_refsource_OVAL
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7569	vdb-entry, signature, x_refsource_OVAL
	http://blogs.technet.com/srd/archive/2009/04/14/ntlm-credential-reflection-updates-for-http-clients.aspx	x_refsource_MISC
	http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=871138	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/34439	vdb-entry, x_refsource_BID
	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-014	vendor-advisory, x_refsource_MS
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5320	vdb-entry, signature, x_refsource_OVAL
	http://www.vupen.com/english/advisories/2009/1027	vdb-entry, x_refsource_VUPEN
	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-013	vendor-advisory, x_refsource_MS
	http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:40:05.067Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-1028",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1028"
          },
          {
            "name": "53619",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53619"
          },
          {
            "name": "34677",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34677"
          },
          {
            "name": "TA09-104A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
          },
          {
            "name": "1022041",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022041"
          },
          {
            "name": "34678",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34678"
          },
          {
            "name": "oval:org.mitre.oval:def:6233",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6233"
          },
          {
            "name": "oval:org.mitre.oval:def:7569",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7569"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blogs.technet.com/srd/archive/2009/04/14/ntlm-credential-reflection-updates-for-http-clients.aspx"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=871138"
          },
          {
            "name": "34439",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34439"
          },
          {
            "name": "MS09-014",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-014"
          },
          {
            "name": "oval:org.mitre.oval:def:5320",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5320"
          },
          {
            "name": "ADV-2009-1027",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1027"
          },
          {
            "name": "MS09-013",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-013"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008; allows remote web servers to capture and replay NTLM credentials, and execute arbitrary code, via vectors related to absence of a \"credential-reflection protections\" opt-in step, aka \"Windows HTTP Services Credential Reflection Vulnerability\" and \"WinINet Credential Reflection Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01.000Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "ADV-2009-1028",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1028"
        },
        {
          "name": "53619",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53619"
        },
        {
          "name": "34677",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34677"
        },
        {
          "name": "TA09-104A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
        },
        {
          "name": "1022041",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022041"
        },
        {
          "name": "34678",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34678"
        },
        {
          "name": "oval:org.mitre.oval:def:6233",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6233"
        },
        {
          "name": "oval:org.mitre.oval:def:7569",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7569"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blogs.technet.com/srd/archive/2009/04/14/ntlm-credential-reflection-updates-for-http-clients.aspx"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=871138"
        },
        {
          "name": "34439",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34439"
        },
        {
          "name": "MS09-014",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-014"
        },
        {
          "name": "oval:org.mitre.oval:def:5320",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5320"
        },
        {
          "name": "ADV-2009-1027",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1027"
        },
        {
          "name": "MS09-013",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-013"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-0550",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008; allows remote web servers to capture and replay NTLM credentials, and execute arbitrary code, via vectors related to absence of a \"credential-reflection protections\" opt-in step, aka \"Windows HTTP Services Credential Reflection Vulnerability\" and \"WinINet Credential Reflection Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-1028",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1028"
            },
            {
              "name": "53619",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53619"
            },
            {
              "name": "34677",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34677"
            },
            {
              "name": "TA09-104A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
            },
            {
              "name": "1022041",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022041"
            },
            {
              "name": "34678",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34678"
            },
            {
              "name": "oval:org.mitre.oval:def:6233",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6233"
            },
            {
              "name": "oval:org.mitre.oval:def:7569",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7569"
            },
            {
              "name": "http://blogs.technet.com/srd/archive/2009/04/14/ntlm-credential-reflection-updates-for-http-clients.aspx",
              "refsource": "MISC",
              "url": "http://blogs.technet.com/srd/archive/2009/04/14/ntlm-credential-reflection-updates-for-http-clients.aspx"
            },
            {
              "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=871138",
              "refsource": "CONFIRM",
              "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=871138"
            },
            {
              "name": "34439",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34439"
            },
            {
              "name": "MS09-014",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-014"
            },
            {
              "name": "oval:org.mitre.oval:def:5320",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5320"
            },
            {
              "name": "ADV-2009-1027",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1027"
            },
            {
              "name": "MS09-013",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-013"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-0550",
    "datePublished": "2009-04-15T03:49:00.000Z",
    "dateReserved": "2009-02-12T00:00:00.000Z",
    "dateUpdated": "2024-08-07T04:40:05.067Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2009-AVI-144

Vulnerability from certfr_avis

Plusieurs vulnérabilités affectent Microsoft Internet Explorer et permettent à une personne malintentionnée d'exécuter du code arbitraire à distance.

Description

De multiples vulnérabilités ont été découvertes dans Microsoft Internet Explorer et permettent à une personne distante malintentionnée d'exécuter du code arbitraire :

une erreur existe dans la fonction de localisation et d'ouverture des fichiers sur le système (CVE-2008-2540) ;
une erreur existe dans le traitement des informations d'identification NTLM par WinINet lorsque celles-ci sont envoyées via HTTP (CVE-2009-0550) ;
une corruption mémoire existe dans la manière dont Microsoft Internet Explorer traite les transitions entre pages web (CVE-2009-0551) ;
plusieurs erreurs existent dans la manière dont Microsoft Internet Explorer accède à un objet mal initialisé ou supprimé (CVE-2009-0552, CVE-2009-0553 et CVE-2009-0554) ;

Solution

Se référer au bulletin de sécurité MS09-014 de Microsoft pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft Internet Explorer 7.
Microsoft	N/A	Microsoft Internet Explorer 5.01 ;
Microsoft	N/A	Microsoft Internet Explorer 6 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS09-014 du 14 avril 2009

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Internet Explorer 7.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 5.01 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 6 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Internet\nExplorer et permettent \u00e0 une personne distante malintentionn\u00e9e\nd\u0027ex\u00e9cuter du code arbitraire :\n\n-   une erreur existe dans la fonction de localisation et d\u0027ouverture\n    des fichiers sur le syst\u00e8me (CVE-2008-2540) ;\n-   une erreur existe dans le traitement des informations\n    d\u0027identification NTLM par WinINet lorsque celles-ci sont envoy\u00e9es\n    via HTTP (CVE-2009-0550) ;\n-   une corruption m\u00e9moire existe dans la mani\u00e8re dont Microsoft\n    Internet Explorer traite les transitions entre pages web\n    (CVE-2009-0551) ;\n-   plusieurs erreurs existent dans la mani\u00e8re dont Microsoft Internet\n    Explorer acc\u00e8de \u00e0 un objet mal initialis\u00e9 ou supprim\u00e9\n    (CVE-2009-0552, CVE-2009-0553 et CVE-2009-0554) ;\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS09-014 de Microsoft pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-2540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2540"
    },
    {
      "name": "CVE-2009-0553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0553"
    },
    {
      "name": "CVE-2009-0551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0551"
    },
    {
      "name": "CVE-2009-0550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0550"
    },
    {
      "name": "CVE-2009-0552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0552"
    },
    {
      "name": "CVE-2009-0554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0554"
    }
  ],
  "initial_release_date": "2009-04-15T00:00:00",
  "last_revision_date": "2009-04-15T00:00:00",
  "links": [],
  "reference": "CERTA-2009-AVI-144",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectent Microsoft Internet Explorer et\npermettent \u00e0 une personne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire\n\u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Internet Explorer",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-014 du 14 avril 2009",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-014.mspx"
    }
  ]
}

CERTA-2009-AVI-143

Vulnerability from certfr_avis

Des vulnérabilités ont été identifiées dans les services HTTP Windows. L'exploitation de ces dernières à distance permet d'exécuter du code arbitraire sur le système vulnérable.

Description

Des vulnérabilités ont été identifiées dans les services HTTP Windows. Ces derniers (WinHTTP) fournissent des interfaces, ou API HTTP cliente pour communiquer en HTTP. Ces interfaces sont donc utilisées par les composants Windows (par exemple le service UPnP Universal Plug-and-Play) ou par des applications tiers.

Les interfaces ne valident pas correctement certains champs retournés dans les réponses par les serveurs. Elles peuvent aussi être exploitées dans le cas d'attaques par « réflexion » qui permettent de réutiliser les informations d'authentification Windows. Enfin, les certificats des sites Web ne sont validés qu'en fonction du nom de domaine complet de l'URL et WinHTTP peut cacher les incohérences de validation à l'utilisateur.

Ces vulnérabilités peuvent être exploitées à distance afin d'exécuter du code arbitraire sur le système vulnérable.

Solution

Se référer au bulletin de sécurité MS09-013 de Microsoft pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Microsoft Windows Server 2003 Service Pack 1 et 2, y compris pour les systèmes x64 et Itanium ;
Microsoft	Windows	Microsoft Windows Vista, Service Pack 1 inclus, y compris pour les versions x64 ;
Microsoft	Windows	Microsoft Windows Server 2008 pour systèmes 32 bits, x64 et Itanium.
Microsoft	Windows	Microsoft Windows XP Service Pack 2 et 3 ;
Microsoft	Windows	Microsoft Windows XP Professional Edition pour systèmes x64, Service Pack 2 compris ;
Microsoft	Windows	Microsoft Windows 2000 Service Pack 4 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS09-013 du 14 avril 2009

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows Server 2003 Service Pack 1 et 2, y compris pour les syst\u00e8mes x64 et Itanium ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Vista, Service Pack 1 inclus, y compris pour les versions x64 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2008 pour syst\u00e8mes 32 bits, x64 et Itanium.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Service Pack 2 et 3 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Professional Edition pour syst\u00e8mes x64, Service Pack 2 compris ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDes vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans les services HTTP Windows.\nCes derniers (WinHTTP) fournissent des interfaces, ou API HTTP cliente\npour communiquer en HTTP. Ces interfaces sont donc utilis\u00e9es par les\ncomposants Windows (par exemple le service UPnP Universal Plug-and-Play)\nou par des applications tiers.\n\nLes interfaces ne valident pas correctement certains champs retourn\u00e9s\ndans les r\u00e9ponses par les serveurs. Elles peuvent aussi \u00eatre exploit\u00e9es\ndans le cas d\u0027attaques par \u00ab r\u00e9flexion \u00bb qui permettent de r\u00e9utiliser\nles informations d\u0027authentification Windows. Enfin, les certificats des\nsites Web ne sont valid\u00e9s qu\u0027en fonction du nom de domaine complet de\nl\u0027URL et WinHTTP peut cacher les incoh\u00e9rences de validation \u00e0\nl\u0027utilisateur.\n\nCes vuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es \u00e0 distance afin d\u0027ex\u00e9cuter du\ncode arbitraire sur le syst\u00e8me vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS09-013 de Microsoft pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-0550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0550"
    },
    {
      "name": "CVE-2009-0089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0089"
    },
    {
      "name": "CVE-2009-0086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0086"
    }
  ],
  "initial_release_date": "2009-04-15T00:00:00",
  "last_revision_date": "2009-04-15T00:00:00",
  "links": [],
  "reference": "CERTA-2009-AVI-143",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Des vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans les services HTTP Windows.\nL\u0027exploitation de ces derni\u00e8res \u00e0 distance permet d\u0027ex\u00e9cuter du code\narbitraire sur le syst\u00e8me vuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans les services HTTP Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-013 du 14 avril 2009",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-013.mspx"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2009-0550 (GCVE-0-2009-0550)

Vulnerability from cvelistv5

CERTA-2009-AVI-144

Vulnerability from certfr_avis

Description

Solution

CERTA-2009-AVI-143

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature