Executive Summary
Information | |||
---|---|---|---|
Name | CVE-2010-4398 | First vendor Publication | 2010-12-06 |
Vendor | Cve | Last vendor Modification | 2025-02-10 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | |||
---|---|---|---|
Overall CVSS Score | 7.8 | ||
Base Score | 7.8 | Environmental Score | 7.8 |
Impact Sub Score | 5.9 | Temporal Score | 7.8 |
Exploitability Sub Score | 1.8 | ||
Attack Vector | Local | Attack Complexity | Low |
Privileges Required | Low | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | High |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 3.9 | Authentication | None Required |
Detail
Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (UAC) feature, via a crafted REG_BINARY value for a SystemDefaultEUDCFont registry key, aka "Driver Improper Interaction with Windows Kernel Vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4398 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12162 | |||
Oval ID: | oval:org.mitre.oval:def:12162 | ||
Title: | Driver Improper Interaction with Windows Kernel Vulnerability | ||
Description: | Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (UAC) feature, via a crafted REG_BINARY value for a SystemDefaultEUDCFont registry key, aka "Driver Improper Interaction with Windows Kernel Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4398 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 | |
Os | 1 | |
Os | 3 | |
Os | 2 | |
Os | 2 |
ExploitDB Exploits
id | Description |
---|---|
2011-03-01 | MS11-011(CVE-2011-0045): MS Windows XP WmiTraceMessageVa Integer Truncation V... |
OpenVAS Exploits
Date | Description |
---|---|
2011-02-09 | Name : Microsoft Windows Kernel Elevation of Privilege Vulnerability (2393802) File : nvt/secpod_ms11-011.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
69501 | Microsoft Windows win32k.sys Driver GreEnableEUDC() Function Local Overflow Microsoft Windows is prone to an overflow condition. win32k.sys fails to properly process the 'GreEnableEUDC()' function, resulting in a buffer overflow. With a specially crafted 'SystemDefaultEUDCFont' registry value, a local attacker can potentially execute arbitrary code. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-02-10 | IAVM : 2011-A-0022 - Multiple Vulnerabilities in Microsoft Windows Kernel Severity : Category I - VMSKEY : V0026065 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-02-21 | Microsoft Windows RtlQueryRegistryValues buffer overflow attempt RuleID : 41365 - Revision : 3 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows WMI tracing api integer truncation attempt RuleID : 18413 - Revision : 16 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows WMI tracing api integer truncation attempt RuleID : 18408 - Revision : 9 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-02-08 | Name : The Windows kernel is affected by several vulnerabilities that could allow es... File : smb_nt_ms11-011.nasl - Type : ACT_GATHER_INFO |