Vulnerability Details : CVE-2009-0229
The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka "Print Spooler Read File Vulnerability."
Vulnerability category: Information leak
Exploit prediction scoring system (EPSS) score for CVE-2009-0229
Probability of exploitation activity in the next 30 days: 0.05%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 12 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2009-0229
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:C/I:N/A:N |
3.9
|
6.9
|
NIST |
CWE ids for CVE-2009-0229
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-0229
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5815
404 Not Found
-
http://osvdb.org/54933
-
http://www.securityfocus.com/bid/35208
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-022
Microsoft Security Bulletin MS09-022 - Critical | Microsoft Learn
-
http://support.avaya.com/elmodocs2/security/ASA-2009-217.htm
ASA-2009-217 (961501)
-
http://secunia.com/advisories/35365
About Secunia Research | Flexera
- http://www.securitytracker.com/id?1022352
-
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
Page Not Found | CISAUS Government Resource
-
http://www.vupen.com/english/advisories/2009/1541
Webmail: access your OVH emails on ovhcloud.com | OVHcloud
Products affected by CVE-2009-0229
- cpe:2.3:o:microsoft:windows_2000:sp4:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:sp3:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:sp2:*:itanium:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:sp2:*:x64:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:gold:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:sp1:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:sp2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:-:x32:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:sp2:x64:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:sp2:x32:*:*:*:*:*:*