Lucene search
MicrosoftCVE-2010-1895HistoryAug 11, 2010 - 6:47 p.m.
CVE-2010-1895
2010-08-1118:47:50
CWE-264
microsoft
web.nvd.nist.gov
55
cve-2010-1895
win32k pool overflow
windows xp
windows server 2003
privilege escalation
nvd
security vulnerability
memory allocation
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
9.5%
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, do not properly perform memory allocation before copying user-mode data to kernel mode, which allows local users to gain privileges via a crafted application, aka βWin32k Pool Overflow Vulnerability.β
Affected configurations
Node
microsoftwindows_2003_serversp2
ORmicrosoftwindows_2003_serversp2itanium
ORmicrosoftwindows_server_2003sp2
ORmicrosoftwindows_xpsp3
ORmicrosoftwindows_xpMatch-sp2x64
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_2003_server | cpe:/o:microsoft:windows_2003_server::sp2:: | |
| microsoft | windows_xp | - | cpe:/o:microsoft:windows_xp:-:sp2:: |
| microsoft | windows_xp | cpe:/o:microsoft:windows_xp::sp3:: | |
| microsoft | windows_server_2003 | cpe:/o:microsoft:windows_server_2003::sp2:: |
Related
prion
prion
Buffer overflow
2010-08-11 18:47:00
cvelist
cvelist
CVE-2010-1895
2010-08-11 18:00:00
symantec
symantec
seebug
seebug
nvd
nvd
CVE-2010-1895
2010-08-11 18:47:50
openvas
openvas
nessus
nessus
securityvulns
securityvulns
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
9.5%
Related for CVE-2010-1895