- Description
- The kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly handle unspecified page-fault system calls, which allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Kernel Information Disclosure Vulnerability."
- Source
- secure@microsoft.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 4.4
- Impact score
- 6.9
- Exploitability score
- 2.7
- Vector string
- AV:L/AC:M/Au:S/C:C/I:N/A:N
- nvd@nist.gov
- CWE-399
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x86:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DAA2E6F-A666-4136-8F6B-E35C313CAB2B"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
}
],
"operator": "OR"
}
]
}
]