VYPR
Unrated severityNVD Advisory· Published Aug 12, 2009· Updated Jun 16, 2026

CVE-2009-1922

CVE-2009-1922

Description

The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, and Vista Gold does not properly validate unspecified IOCTL request data from user mode before passing this data to kernel mode, which allows local users to gain privileges via a crafted request, aka "MSMQ Null Pointer Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
  • Microsoft/Windows2 versions
    cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:-:-:x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
  • Microsoft/MSMQllm-fuzzy
    Range: Windows 2000 SP4, XP SP2, Server 2003 SP2, Vista Gold

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.