CVE-2009-0080

The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka Windows Thread Pool ACL Weakness Vulnerability.

Weakness

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Software

Name	Vendor	Start Version	End Version
Windows_server_2008	Microsoft	- (including)	- (including)
Windows_vista	Microsoft	- (including)	- (including)
Windows_vista	Microsoft	–sp1 (including)	–sp1 (including)

Potential Mitigations

https://cwe.mitre.org/data/definitions/122.html
https://cwe.mitre.org/data/definitions/233.html
https://cwe.mitre.org/data/definitions/58.html

References

http://osvdb.org/53668
http://www.securitytracker.com/id?1022044
http://www.us-cert.gov/cas/techalerts/TA09-104A.html
http://www.vupen.com/english/advisories/2009/1026
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6177

NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-0080
CWE	https://cwe.mitre.org/data/definitions/269.html

Improper Privilege Management

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References