windows_2003_server,windows_server_2008,windows_vista,windows_xp,windows_7 权限提升漏洞

admin

0
文章

0
评论

2023-12-09 08:58:22 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

windows_2003_server,windows_server_2008,windows_vista,windows_xp,windows_7 权限提升漏洞

CVE编号

CVE-2010-1886

利用情况

暂无

补丁情况

N/A

披露时间

2010-08-17

漏洞描述

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2, and Windows 7 allow local users to gain privileges by leveraging access to a process with NetworkService credentials, as demonstrated by TAPI Server, SQL Server, and IIS processes, and related to the Windows Service Isolation feature. NOTE: the vendor states that privilege escalation from NetworkService to LocalSystem does not cross a "security boundary."

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
http://support.microsoft.com/kb/2264072
http://support.microsoft.com/kb/982316
http://www.microsoft.com/technet/security/advisory/2264072.mspx

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	系统	microsoft	windows_2003_server	*	-
	运行在以下环境
	系统	microsoft	windows_2003_server	-	-
	运行在以下环境
	系统	microsoft	windows_7	-	-
	运行在以下环境
	系统	microsoft	windows_server_2008	*	-
	运行在以下环境
	系统	microsoft	windows_server_2008	r2	-
	运行在以下环境
	系统	microsoft	windows_vista	*	-
	运行在以下环境
	系统	microsoft	windows_xp	*	-
	运行在以下环境
	系统	microsoft	windows_xp	-	-