The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm, aka βWin32k Keyboard Layout Vulnerability.β NOTE: this might be a duplicate of CVE-2010-3888 or CVE-2010-3889.
CPE | Name | Operator | Version |
---|---|---|---|
windows_server_2008 | eq | sp2itanium | |
windows_vista | eq | - sp1 | |
windows_xp | eq | sp2x64 |