Lucene search

[email protected]NVD:CVE-2010-2739

HistorySep 07, 2010 - 6:00 p.m.

CVE-2010-2739

2010-09-0718:00:02

CWE-119

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

High

0.098 Low

EPSS

Percentile

94.9%

JSON

Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2003 R2 Enterprise SP2, Vista Business SP1, Windows 7, and Server 2008 SP2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by performing a clipboard operation (GetClipboardData API function) with a crafted bitmap with a palette that contains a large number of colors.

Affected configurations

NVD

Node

microsoftwindows_2003_serverr2

microsoftwindows_7

microsoftwindows_server_2003sp2

microsoftwindows_server_2008Match-sp2

microsoftwindows_vistasp1

microsoftwindows_xpsp3

References

blogs.technet.com/b/msrc/archive/2010/08/10/update-on-the-publicly-disclosed-win32k-sys-eop-vulnerability.aspx

secunia.com/advisories/40870

www.ragestorm.net/blogs/?p=255

www.vupen.com/english/advisories/2010/2029

msrc.microsoft.com/blog/2010/08/update-on-the-publicly-disclosed-win32k-sys-eop-vulnerability/

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

High

0.098 Low

EPSS

Percentile

94.9%

JSON

Related for NVD:CVE-2010-2739

prion1 cve1 openvas2 cvelist1