CVE-2009-0320

2009-01-2818:30:00

CWE-200

CWE-362

[email protected]

web.nvd.nist.gov

microsoft windows

i/o activity

task manager

sensitive information

cve-2009-0320

benchmarking attack

nvd

4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:C/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.1%

JSON

Microsoft Windows XP, Server 2003 and 2008, and Vista exposes I/O activity measurements of all processes, which allows local users to obtain sensitive information, as demonstrated by reading the I/O Other Bytes column in Task Manager (aka taskmgr.exe) to estimate the number of characters that a different user entered at a runas.exe password prompt, related to a “benchmarking attack.”

Affected configurations

NVD

Node

microsoftwindows_server_2003

microsoftwindows_server_2008

microsoftwindows_vista

microsoftwindows_xp

CPENameOperatorVersion
microsoft:windows_server_2003microsoft windows server 2003eq*
microsoft:windows_server_2008microsoft windows server 2008eq*
microsoft:windows_vistamicrosoft windows vistaeq*
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_server_2003	microsoft windows server 2003	eq	*
microsoft:windows_server_2008	microsoft windows server 2008	eq	*
microsoft:windows_vista	microsoft windows vista	eq	*
microsoft:windows_xp	microsoft windows xp	eq	*