Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Windows Kernel |
Informations | |||
---|---|---|---|
Name | MS10-032 | First vendor Publication | 2010-06-08 |
Vendor | Microsoft | Last vendor Modification | 2010-06-08 |
Severity (Vendor) | Important | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.1 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.0 (June 8, 2010): Bulletin published.Summary: This security update resolves two publicly disclosed vulnerabilities and one privately reported vulnerability in the Windows kernel-mode drivers. The vulnerabilities could allow elevation of privilege if a user views content rendered in a specially crafted TrueType font. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS10-032.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-20 | Improper Input Validation |
33 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:6948 | |||
Oval ID: | oval:org.mitre.oval:def:6948 | ||
Title: | Win32k Window Creation Vulnerability | ||
Description: | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execute arbitrary code, aka "Win32k Window Creation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0485 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7283 | |||
Oval ID: | oval:org.mitre.oval:def:7283 | ||
Title: | Win32k TrueType Font Parsing Vulnerability | ||
Description: | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 allows local users to execute arbitrary code via vectors related to "glyph outline information" and TrueType fonts, aka "Win32k TrueType Font Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1255 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7609 | |||
Oval ID: | oval:org.mitre.oval:def:7609 | ||
Title: | Win32k Improper Data Validation Vulnerability | ||
Description: | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via vectors related to Device Contexts (DC) and the GetDCEx function, aka "Win32k Improper Data Validation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0484 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2010-08-10 | Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048) |
OpenVAS Exploits
Date | Description |
---|---|
2010-06-09 | Name : Microsoft Windows Kernel Mode Drivers Privilege Escalation Vulnerabilities (9... File : nvt/secpod_ms10-032.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
65225 | Microsoft Windows Kernel-Mode Driver Window Creation Local Privilege Escalation Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the kernel-mode drivers in win32k.sys fail to properly validate callback parameters when creating new windows, allowing a local attacker to gain elevated privileges. |
65224 | Microsoft Windows Kernel-Mode Driver Win32k.sys GetDCEx() Function Device Con... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the kernel-mode drivers in win32k.sys suffer from memory corruption while handling 'GetDCEx()' function device contexts, allowing a local attacker to gain elevated privileges. |
65223 | Microsoft Windows Kernel-Mode Driver TrueType Font Parsing Local Privilege Es... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a boundary error occurs in win32k.sys when providing TrueType glyph outlines, allowing a local attacker to gain elevated privileges via a buffer overflow caused by content containing a crafted TrueType font. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-06-22 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : opera_1054.nasl - Type : ACT_GATHER_INFO |
2010-06-09 | Name : The Windows kernel is affected by several vulnerabilities that could allow es... File : smb_nt_ms10-032.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:46:33 |
|