Overview
The Microsoft Windows Client/Server Run-time Subsystem (CSRSS) process fails to properly handle error messages. This vulnerability may allow a remote attacker to execute arbitrary code.
Description
According to Microsoft Security Bulletin MS07-021: CSRSS is the user-mode portion of the Win32 subsystem. CSRSS stands for client/server run-time subsystem and is an essential subsystem that must be running at all times. CSRSS is responsible for console windows, creating and/or deleting threads. |
Impact
A remote attacker may be able to execute arbitrary code on a vulnerable system. |
Solution
Apply update from Microsoft |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- http://www.microsoft.com/technet/security/bulletin/ms07-021.mspx
- http://www.determina.com/security.research/vulnerabilities/csrss-harderror.html
- http://www.kuban.ru/forum_new/forum2/files/19124.html
- http://bugtraq.ru/cgi-bin/forum.mcgi?type=sb&b=21&m=140672
- http://www.microsoft.com/technet/security/bulletin/ms07-021.mspx
Acknowledgements
This vulnerability was reported by Tim Garnett of Determina Security Research .
This document was written by Jeff Gennari.
Other Information
| CVE IDs: | CVE-2006-6797 |
| Severity Metric: | 7.44 |
| Date Public: | 2006-12-15 |
| Date First Published: | 2007-04-10 |
| Date Last Updated: | 2007-04-11 10:50 UTC |
| Document Revision: | 14 |