Lucene search

[email protected]CVE-2010-0232

HistoryJan 21, 2010 - 7:30 p.m.

CVE-2010-0232

2010-01-2119:30:00

CWE-264

[email protected]

web.nvd.nist.gov

861

In Wild

windows

kernel

vulnerability

privilege escalation

16-bit

ntvdm

nvd

cve-2010-0232

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

18.2%

JSON

The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka “Windows Kernel Exception Handler Vulnerability.”

Affected configurations

NVD

Node

microsoftwindows_2000Matchsp4

microsoftwindows_7Match-

microsoftwindows_ntMatch3.1

microsoftwindows_server_2003sp2

microsoftwindows_server_2008itanium

microsoftwindows_server_2008x32

microsoftwindows_server_2008x64

microsoftwindows_server_2008sp2x64

microsoftwindows_server_2008Match-sp2itanium

microsoftwindows_server_2008Matchsp2x32

microsoftwindows_vista

microsoftwindows_vistax64

microsoftwindows_vistasp1

microsoftwindows_vistasp2

microsoftwindows_vistaMatchsp1

microsoftwindows_vistaMatchsp2

microsoftwindows_xpMatch-

microsoftwindows_xpMatch-sp2x64

microsoftwindows_xpMatchsp3

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eqsp4
microsoft:windows_7microsoft windows 7eq-
microsoft:windows_ntmicrosoft windows nteq3.1
microsoft:windows_server_2003microsoft windows server 2003eq*
microsoft:windows_server_2008microsoft windows server 2008eq*
microsoft:windows_server_2008microsoft windows server 2008eq-
microsoft:windows_server_2008microsoft windows server 2008eqsp2
microsoft:windows_vistamicrosoft windows vistaeq*
microsoft:windows_vistamicrosoft windows vistaeqsp1
microsoft:windows_vistamicrosoft windows vistaeqsp2

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	sp4
microsoft:windows_7	microsoft windows 7	eq	-
microsoft:windows_nt	microsoft windows nt	eq	3.1
microsoft:windows_server_2003	microsoft windows server 2003	eq	*
microsoft:windows_server_2008	microsoft windows server 2008	eq	*
microsoft:windows_server_2008	microsoft windows server 2008	eq	-
microsoft:windows_server_2008	microsoft windows server 2008	eq	sp2
microsoft:windows_vista	microsoft windows vista	eq	*
microsoft:windows_vista	microsoft windows vista	eq	sp1
microsoft:windows_vista	microsoft windows vista	eq	sp2