Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Windows Kernel |
Informations | |||
---|---|---|---|
Name | MS10-073 | First vendor Publication | 2010-10-12 |
Vendor | Microsoft | Last vendor Modification | 2010-10-12 |
Severity (Vendor) | Important | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.0 (October 12, 2010): Bulletin published.Summary: This security update resolves several publicly disclosed vulnerabilities in the Windows kernel-mode drivers. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS10-073.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12085 | |||
Oval ID: | oval:org.mitre.oval:def:12085 | ||
Title: | Win32k Window Class Vulnerability | ||
Description: | The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges by creating a window, then using (1) the SetWindowLongPtr function to modify the popup menu structure, or (2) the SwitchWndProc function with a switch window information pointer, which is not re-initialized when a WM_NCCREATE message is processed, aka "Win32k Window Class Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2744 | Version: | 10 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7514 | |||
Oval ID: | oval:org.mitre.oval:def:7514 | ||
Title: | Win32k Keyboard Layout Vulnerability | ||
Description: | The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm, aka "Win32k Keyboard Layout Vulnerability." NOTE: this might be a duplicate of CVE-2010-3888 or CVE-2010-3889. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2743 | Version: | 10 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2011-01-13 | MS10-073: Win32k Keyboard Layout Vulnerability |
OpenVAS Exploits
Date | Description |
---|---|
2010-10-13 | Name : Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (981957) File : nvt/secpod_ms10-073.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68552 | Microsoft Windows win32k.sys Driver Keyboard Layout Loading Local Privilege E... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The kernel-mode drivers fail to properly perform indexing of a function-pointer table when loading specific keyboard layouts, which may allow a local authenticated attacker to gain elevated privileges. |
68551 | Microsoft Windows win32k.sys Driver Window Class Data Validation Local Privil... Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the kernel-mode drivers fail to properly manage a window class, allowing a local attacker to gain elevated privileges by creating a window and using 'SetWindowLongPtr' and 'SwitchWndProc' functions to manipulate certain data. |
Metasploit Database
id | Description |
---|---|
2010-10-12 | Windows Escalate NtUserLoadKeyboardLayoutEx Privilege Escalation |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-10-13 | Name : The Windows kernel is affected by multiple vulnerabilities that could allow e... File : smb_nt_ms10-073.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2020-05-23 13:17:13 |
|
2016-03-09 13:23:41 |
|
2016-03-09 09:24:15 |
|
2014-02-17 11:46:42 |
|