7.2
CVSSv2

CVE-2008-4036

CVSSv4: NA | CVSSv3: 8.4 | CVSSv2: 7.2 | VMScore: 940 | EPSS: 0.00057 | KEV: Not Included
Published: 15/10/2008 Updated: 21/11/2024

Vulnerability Summary

Privilege Escalation via Integer Overflow in Windows Memory Manager

An integer overflow vulnerability exists in the Memory Manager of Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008. This issue lets local users increase their privileges. It involves a crafted application that causes a wrong decrement of a variable. This is related to how the system checks parameters for Virtual Address Descriptors (VADs) and a "memory allocation mapping error." This problem is called the "Virtual Address Descriptor Elevation of Privilege Vulnerability."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2003

microsoft windows server 2008

microsoft windows vista

microsoft windows vista sp1

microsoft windows xp