CVE-2009-1139

high

Microsoft

CVSS v3 Base Score

7.8

AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS Score

61.2%

Exploitation probability in 30 days

Top 2% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

None

Integrity

None

Availability

Published: June 10, 2009 (6182 days ago)

Last Modified: April 23, 2026

Vendor: Microsoft

Source: NVD

Description

Memory leak in the LDAP service in Active Directory on Microsoft Windows 2000 SP4 and Server 2003 SP2, and Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2, allows remote attackers to cause a denial of service (memory consumption and service outage) via (1) LDAP or (2) LDAPS requests with unspecified OID filters, aka "Active Directory Memory Leak Vulnerability."

CWE

CWE-399

Affected Products

microsoft adammicrosoft windows server 2003microsoft windows 2000

References

🔗 osvdb.org 🔗 secunia.com 🔗 support.avaya.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com

CVE-2009-1139

Vulnerability Report

Description

CWE

Affected Products

References