Executive Summary

Informations
NameCVE-2009-1929First vendor Publication2009-08-12
VendorCveLast vendor Modification2010-08-21

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Security Protection

ImpactsProvides administrator access : Allows complete confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service.

Detail

Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka "Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1929

CWE : Common Weakness Enumeration

idName
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6329
 
Oval ID: oval:org.mitre.oval:def:6329
Title: Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability
Description: Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka "Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2009-1929
Version: 2
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os3
Os6
Os3
Os3

OpenVAS Exploits

DateDescription
2009-08-12Name : Microsoft Remote Desktop Connection Remote Code Execution Vulnerability (969706)
File : nvt/secpod_ms09-044.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
56912Microsoft Windows Terminal Services Client ActiveX Unspecified Overflow

Information Assurance Vulnerability Management (IAVM)

DateDescription
2009-08-13IAVM : 2009-A-0071 - Multiple Vulnerabilities in Microsoft Remote Desktop Connection
Severity : Category II - VMSKEY : V0019884

Snort® IPS/IDS

DateDescription
2014-01-10Microsoft Windows Remote Desktop Client ActiveX clsid access
RuleID : 20175 - Revision : 7 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Remote Desktop Client ActiveX function call unicode access
RuleID : 15864 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10Microsoft Windows Remote Desktop Client ActiveX function call access
RuleID : 15863 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Microsoft Remote Desktop Client ActiveX clsid unicode access
RuleID : 15862 - Revision : 6 - Type : WEB-ACTIVEX
2014-01-10Microsoft Windows Remote Desktop Client ActiveX clsid access
RuleID : 15861 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10Remote Desktop orderType remote code execution attempt
RuleID : 15850 - Revision : 7 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

DateDescription
2009-08-11Name : Arbitrary code can be executed on the remote host through Microsoft Remote De...
File : macosx_rdesktop.nasl - Type : ACT_GATHER_INFO
2009-08-11Name : It is possible to execute arbitrary code on the remote host.
File : smb_nt_ms09-044.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/35973
CERThttp://www.us-cert.gov/cas/techalerts/TA09-223A.html
MShttp://www.microsoft.com/technet/security/Bulletin/MS09-044.mspx
OSVDBhttp://osvdb.org/56912
SECTRACKhttp://www.securitytracker.com/id?1022709
SECUNIAhttp://secunia.com/advisories/36229
VUPENhttp://www.vupen.com/english/advisories/2009/2238

Alert History

If you want to see full details history, please login or register.
0
1
2
3
DateInformations
2014-02-17 10:50:22
  • Multiple Updates
2014-01-19 21:25:57
  • Multiple Updates
2013-11-11 12:38:20
  • Multiple Updates
2013-05-10 23:51:50
  • Multiple Updates