CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
MS07-021 | Vulnerabilities in CSRSS Could Allow Remote Code Execution (930178) | Microsoft Windows | Critical | 11-04-2007 |
Technical Information
Brief overview of the risk:
A remote code execution vulnerability exists in the Windows Client/Server Run-time Subsystem (CSRSS) process because of the way that it handles error messages. An attacker could exploit the vulnerability by constructing a specially crafted application that could potentially allow remote code execution. Additionally, if a user viewed a specially crafted Web site, an attacker who successfully exploited this vulnerability could take complete control of an affected system. A privilege elevation vulnerability exists in the way that the Windows 32 Client/Server Run-time Subsystem (CSRSS) handles its connections during the startup and stopping of processes. A denial of service vulnerability exists in the Client/Server Run-time Subsystem (CSRSS) service because of the way it handles error messages. An attacker could exploit the vulnerability by running a specially crafted application causing the system to restart.
Detailed Information on the risk:
MS07-021 patches three vulnerabilities in the Microsoft Windows Client/Server Runtime SubSystem (CSRSS). Two of these vulnerabilities are technically local privilege escalation issues caused by memory management bugs in various CSRSS APIs. However, one of them can be remotely exploited due to browser features that enable complex software to be executed on behalf of web sites in environments that aren’t completely sandboxed. Two of these vulnerabilities, including the remote code execution issue and a denial of service issue, have been publicly disclosed and exploit POCs are circulating in the wild.Further information on this exploit is available at : MS07-021
Affected Software
Microsoft Windows 2000 Service Pack 4Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2
Microsoft Windows Server 2003, Microsoft Windows Server 2003 Service Pack 1, and Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2
Windows Vista
Windows Vista x64 Edition