CVE-2009-0229

Published: Jun 10, 2009Modified: Apr 23, 2026

4.9

Vector

AV:L/AC:L/Au:N/C:C/I:N/A:N

Exploitability: 3.9 / Impact: 6.9

Source: NVD

Description

The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka "Print Spooler Read File Vulnerability."

Affected (17)

Products: Microsoft: Windows 2000, Windows 2003 Server, Windows Server 2008, Windows Vista, Windows Xp

5 products

Windows 2003 Server

Windows Server 2008

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 2000	Version sp4
Microsoft Windows 2003 Server	Version sp2
Microsoft Windows 2003 Server	Version sp2
Microsoft Windows 2003 Server	Version sp2
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	Version sp2 x32
Microsoft Windows Server 2008	Version sp2 x64
Microsoft Windows Vista	All versions
Microsoft Windows Vista	All versions
Microsoft Windows Vista	Version gold
Microsoft Windows Vista	Version sp1
Microsoft Windows Vista	Version sp2
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	Version sp3

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (18)

http://osvdb.org/54933

Source: secure@microsoft.com

http://secunia.com/advisories/35365

Source: secure@microsoft.com

http://support.avaya.com/elmodocs2/security/ASA-2009-217.htm

Source: secure@microsoft.com

http://www.securityfocus.com/bid/35208

Source: secure@microsoft.com

http://www.securitytracker.com/id?1022352

Source: secure@microsoft.com

http://www.us-cert.gov/cas/techalerts/TA09-160A.html

Source: secure@microsoft.com

US Government Resource

http://www.vupen.com/english/advisories/2009/1541

Source: secure@microsoft.com

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-022

Source: secure@microsoft.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5815

Source: secure@microsoft.com

http://osvdb.org/54933

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35365

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.avaya.com/elmodocs2/security/ASA-2009-217.htm

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/35208

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1022352

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us-cert.gov/cas/techalerts/TA09-160A.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.vupen.com/english/advisories/2009/1541

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-022

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5815

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.