Executive Summary

Summary
TitleVulnerabilities in Windows Kernel
Informations
NameMS10-032First vendor Publication2010-06-08
VendorMicrosoftLast vendor Modification2010-06-08
Severity (Vendor) ImportantRevision1.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Cvss Base Score6.8Attack RangeLocal
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score3.1AuthenticationRequires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.0 (June 8, 2010): Bulletin published.

Summary: This security update resolves two publicly disclosed vulnerabilities and one privately reported vulnerability in the Windows kernel-mode drivers. The vulnerabilities could allow elevation of privilege if a user views content rendered in a specially crafted TrueType font.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/MS10-032.mspx

CWE : Common Weakness Enumeration

idName
CWE-20Improper Input Validation
CWE-94Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:7609
 
Oval ID: oval:org.mitre.oval:def:7609
Title: Win32k Improper Data Validation Vulnerability
Description: The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via vectors related to Device Contexts (DC) and the GetDCEx function, aka "Win32k Improper Data Validation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-0484
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6948
 
Oval ID: oval:org.mitre.oval:def:6948
Title: Win32k Window Creation Vulnerability
Description: The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execute arbitrary code, aka "Win32k Window Creation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-0485
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7283
 
Oval ID: oval:org.mitre.oval:def:7283
Title: Win32k TrueType Font Parsing Vulnerability
Description: The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 allows local users to execute arbitrary code via vectors related to "glyph outline information" and TrueType fonts, aka "Win32k TrueType Font Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-1255
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os1
Os3
Os2
Os8
Os6
Os3

ExploitDB Exploits

idDescription
2010-08-10Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)

OpenVAS Exploits

DateDescription
2010-06-09Name : Microsoft Windows Kernel Mode Drivers Privilege Escalation Vulnerabilities (9...
File : nvt/secpod_ms10-032.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
65225Microsoft Windows Kernel-Mode Driver Window Creation Local Privilege Escalation
65224Microsoft Windows Kernel-Mode Driver Win32k.sys GetDCEx() Function Device Con...
65223Microsoft Windows Kernel-Mode Driver TrueType Font Parsing Local Privilege Es...

Nessus® Vulnerability Scanner

DateDescription
2010-06-22Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : opera_1054.nasl - Type : ACT_GATHER_INFO
2010-06-09Name : The Windows kernel is affected by several vulnerabilities that could allow es...
File : smb_nt_ms10-032.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2014-02-17 11:46:33
  • Multiple Updates