Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886) |
Informations | |||
---|---|---|---|
Name | MS10-058 | First vendor Publication | 2010-08-10 |
Vendor | Microsoft | Last vendor Modification | 2012-03-13 |
Severity (Vendor) | Important | Revision | 2.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V2.0 (March 13, 2012): Revised bulletin to announce a detection change that removes MS10-029 as the replaced bulletin for all supported editions of Windows Vista and Windows Server 2008. For more information, see the related entry in the update FAQ. |
Original Source
Url : http://technet.microsoft.com/en-us/security/bulletin/ms10-058 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11845 | |||
Oval ID: | oval:org.mitre.oval:def:11845 | ||
Title: | IPv6 Memory Corruption Vulnerability | ||
Description: | The TCP/IP stack in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle malformed IPv6 packets, which allows remote attackers to cause a denial of service (system hang) via multiple crafted packets, aka "IPv6 Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1892 | Version: | 5 |
Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12087 | |||
Oval ID: | oval:org.mitre.oval:def:12087 | ||
Title: | Integer Overflow in Windows Networking Vulnerability | ||
Description: | Integer overflow in the TCP/IP stack in Microsoft Windows Vista SP1, Windows Server 2008 Gold and R2, and Windows 7 allows local users to gain privileges via a buffer of user-mode data that is copied to kernel mode, aka "Integer Overflow in Windows Networking Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1893 | Version: | 5 |
Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-08-26 | Name : Microsoft Windows TCP/IP Privilege Elevation Vulnerabilities (978886) File : nvt/secpod_ms10-058.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
67005 | Microsoft Windows TCP/IP Implementation IppSortDestinationAddresses() Functio... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when an integer overflow error in the "IppSortDestinationAddresses()" function when processing SOCKET_ADDRESS_LIST structures can be exploited by a local user to corrupt kernel memory and execute arbitrary code with system-level privileges. |
67004 | Microsoft Windows Malformed IPv6 Extension Header Handling Remote Memory Corr... Microsoft Windows contains a flaw that may allow a local denial of service. The issue is triggered when an error in the TCP/IP stack can be exploited via a small number of IPv6 packets with specially crafted extension headers and it can cause a vulnerable system to stop responding. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-08-11 | Name : The remote host has multiple vulnerabilities in its TCP/IP implementation. File : smb_nt_ms10-058.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:46:39 |
|