Vulnerability Details : CVE-2009-1808
Microsoft Windows XP SP3 allows local users to cause a denial of service (system crash) by making an SPI_SETDESKWALLPAPER SystemParametersInfo call with an improperly terminated pvParam argument, followed by an SPI_GETDESKWALLPAPER SystemParametersInfo call.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2009-1808
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 8 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2009-1808
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST |
References for CVE-2009-1808
Products affected by CVE-2009-1808
- cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:sp3:professional:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:sp3:tablet_pc:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:sp3:media_center:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:sp3:home:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:sp3:x64:*:*:*:*:*