Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2010-1889 | First vendor Publication | 2010-08-11 |
| Vendor | Cve | Last vendor Modification | 2025-01-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.2 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Double free vulnerability in the kernel in Microsoft Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2, allows local users to gain privileges via a crafted application, related to object initialization during error handling, aka "Windows Kernel Double Free Vulnerability." |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1889 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11044 | |||
| Oval ID: | oval:org.mitre.oval:def:11044 | ||
| Title: | Windows Kernel Double Free Vulnerability | ||
| Description: | Double free vulnerability in the kernel in Microsoft Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2, allows local users to gain privileges via a crafted application, related to object initialization during error handling, aka "Windows Kernel Double Free Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1889 | Version: | 3 |
| Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
ExploitDB Exploits
| id | Description |
|---|---|
| 2010-08-17 | Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047) |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2010-08-11 | Name : Microsoft Windows Kernel Privilege Elevation Vulnerabilities (981852) File : nvt/secpod_ms10-047.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 66989 | Microsoft Windows Kernel Object Initialization Error Handling Local Privilege... Microsoft Windows contains a double-free error that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the Kernel Transaction Manager fails to properly handle the 'UOW' parameter when passing it to the 'NtCreateTransaction()' function, allowing a local authenticated attacker to gain full user rights. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-08-11 | Name : The Windows kernel is affected by several vulnerabilities that could allow es... File : smb_nt_ms10-047.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2025-01-21 21:21:13 |
|
| 2024-11-28 23:07:52 |
|
| 2024-11-28 12:21:59 |
|
| 2024-08-02 12:13:45 |
|
| 2024-08-02 01:03:43 |
|
| 2024-02-02 01:13:21 |
|
| 2024-02-01 12:03:39 |
|
| 2023-12-07 21:28:04 |
|
| 2023-09-05 12:12:25 |
|
| 2023-09-05 01:03:30 |
|
| 2023-09-02 12:12:28 |
|
| 2023-09-02 01:03:32 |
|
| 2023-08-12 12:14:49 |
|
| 2023-08-12 01:03:32 |
|
| 2023-08-11 12:12:31 |
|
| 2023-08-11 01:03:40 |
|
| 2023-08-06 12:12:03 |
|
| 2023-08-06 01:03:34 |
|
| 2023-08-04 12:12:08 |
|
| 2023-08-04 01:03:35 |
|
| 2023-07-14 12:12:04 |
|
| 2023-07-14 01:03:33 |
|
| 2023-03-29 01:13:49 |
|
| 2023-03-28 12:03:39 |
|
| 2022-10-11 12:10:46 |
|
| 2022-10-11 01:03:21 |
|
| 2021-05-04 12:11:36 |
|
| 2021-04-22 01:12:13 |
|
| 2020-05-23 00:25:50 |
|
| 2018-10-13 00:22:57 |
|
| 2017-09-19 09:23:48 |
|
| 2016-08-31 12:02:09 |
|
| 2016-06-28 18:11:08 |
|
| 2016-04-26 19:49:22 |
|
| 2014-02-17 10:55:32 |
|
| 2013-05-10 23:25:11 |
|
