Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2010-3338 | First vendor Publication | 2010-12-16 |
Vendor | Cve | Last vendor Modification | 2023-12-07 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability." NOTE: this might overlap CVE-2010-3888. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3338 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12304 | |||
Oval ID: | oval:org.mitre.oval:def:12304 | ||
Title: | Task Scheduler Vulnerability | ||
Description: | The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability." NOTE: this might overlap CVE-2010-3888. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3338 | Version: | 8 |
Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2012-07-19 | Windows Escalate Task Scheduler XML Privilege Escalation |
OpenVAS Exploits
Date | Description |
---|---|
2010-12-15 | Name : Microsoft Windows Task Scheduler Elevation of Privilege Vulnerability (2305420) File : nvt/secpod_ms10-092.nasl |
2010-12-15 | Name : Consent User Interface Privilege Escalation Vulnerability (2442962) File : nvt/secpod_ms10-100.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68518 | Microsoft Windows on 32-bit Task Scheduler Crafted Application Local Privileg... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is caused due to the Windows Task Scheduler failing to properly determine certain scheduled tasks' security context. This may be exploited by malicious, local, context-dependent attackers to gain escalated privileges via a crafted application. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2010-12-16 | IAVM : 2010-B-0110 - Microsoft Task Scheduler Elevation of Privilege Vulnerability Severity : Category II - VMSKEY : V0025862 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-12-15 | Name : A privilege escalation vulnerability exists in Windows Task Scheduler. File : smb_nt_ms10-092.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:13:58 |
|
2024-02-01 12:03:51 |
|
2023-12-07 21:28:03 |
|
2023-09-05 12:13:01 |
|
2023-09-05 01:03:42 |
|
2023-09-02 12:13:05 |
|
2023-09-02 01:03:45 |
|
2023-08-12 12:15:34 |
|
2023-08-12 01:03:44 |
|
2023-08-11 12:13:08 |
|
2023-08-11 01:03:53 |
|
2023-08-06 12:12:38 |
|
2023-08-06 01:03:46 |
|
2023-08-04 12:12:43 |
|
2023-08-04 01:03:47 |
|
2023-07-14 12:12:40 |
|
2023-07-14 01:03:45 |
|
2023-03-29 01:14:30 |
|
2023-03-28 12:03:51 |
|
2022-10-11 12:11:18 |
|
2022-10-11 01:03:32 |
|
2021-05-04 12:12:19 |
|
2021-04-22 01:13:05 |
|
2020-05-23 13:16:55 |
|
2020-05-23 00:26:27 |
|
2018-10-31 00:20:06 |
|
2018-10-13 00:22:59 |
|
2018-09-20 12:08:29 |
|
2017-09-19 09:23:56 |
|
2016-09-30 01:02:32 |
|
2016-08-31 12:02:16 |
|
2016-08-05 12:02:37 |
|
2016-06-28 18:18:31 |
|
2016-04-26 20:04:53 |
|
2014-02-17 10:57:21 |
|
2013-11-11 12:38:55 |
|
2013-05-10 23:32:23 |
|