Immunity, Inc.
Name ms09_022
CVE CVE-2009-0228
Exploit Pack CANVAS
Description: Microsoft Windows Print Spooler Overflow
Notes: CVE Name: CVE-2009-0228
VENDOR: Microsoft
MSADV: MS09-022
Repeatability: One shot
Note: A string is not zero-terminated after a wcsncpy(), which leads to a length miscalculation before a subsequent wcsncat(). This behaves much like an uninitialized-variable issue, so reliable code execution depends on the contents of the stack. This version of the exploit triggers the bug but will not be extremely reliable. This exploit requires "root" privileges since it starts a fake SMB server on TCP port 445. There is a 4-byte difference in the stack layout if MS08-062 is not installed, which makes the exploit fail.
References: http://www.microsoft.com/technet/security/bulletin/ms09-022.mspx
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0228
Date public: 06/09/09
CVSS: 10.0