Executive Summary
| Summary | |
|---|---|
| Title | Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683) |
| Informations | |||
|---|---|---|---|
| Name | MS10-021 | First vendor Publication | 2010-04-13 |
| Vendor | Microsoft | Last vendor Modification | 2010-07-13 |
| Severity (Vendor) | Important | Revision | 1.1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.2 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Revision Note: V1.1 (July 13, 2010): Added an entry in the Update FAQ to announce a detection change to the update for Windows 7 for 32-bit Systems. This is a detection change only. There were no changes to the security update files in this bulletin. Customers who have already installed the update successfully do not need to reinstall.Summary: This security update resolves several privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users. |
Original Source
| Url : http://www.microsoft.com/technet/security/bulletin/MS10-021.mspx |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 67 % | CWE-20 | Improper Input Validation |
| 17 % | CWE-399 | Resource Management Errors |
| 17 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:6770 | |||
| Oval ID: | oval:org.mitre.oval:def:6770 | ||
| Title: | Windows Virtual Path Parsing Vulnerability | ||
| Description: | The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly translate a registry key's virtual path to its real path, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Virtual Path Parsing Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0481 | Version: | 5 |
| Platform(s): | Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6793 | |||
| Oval ID: | oval:org.mitre.oval:def:6793 | ||
| Title: | Windows Kernel Registry Key Vulnerability | ||
| Description: | Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0238 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6814 | |||
| Oval ID: | oval:org.mitre.oval:def:6814 | ||
| Title: | Windows Kernel Null Pointer Vulnerability | ||
| Description: | The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate a registry-key argument to an unspecified system call, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Null Pointer Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0234 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7012 | |||
| Oval ID: | oval:org.mitre.oval:def:7012 | ||
| Title: | Windows Kernel Exception Handler Vulnerability | ||
| Description: | The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, does not properly handle unspecified exceptions, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0810 | Version: | 3 |
| Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7113 | |||
| Oval ID: | oval:org.mitre.oval:def:7113 | ||
| Title: | Windows Kernel Memory Allocation Vulnerability | ||
| Description: | The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not properly allocate memory for the destination key associated with a symbolic-link registry key, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Allocation Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0236 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7130 | |||
| Oval ID: | oval:org.mitre.oval:def:7130 | ||
| Title: | Windows Kernel Symbolic Link Creation Vulnerability | ||
| Description: | The kernel in Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows local users to gain privileges by creating a symbolic link from an untrusted registry hive to a trusted registry hive, aka "Windows Kernel Symbolic Link Creation Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0237 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7176 | |||
| Oval ID: | oval:org.mitre.oval:def:7176 | ||
| Title: | Windows Kernel Malformed Image Vulnerability | ||
| Description: | The kernel in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate relocation sections of image files, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kernel Malformed Image Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0482 | Version: | 5 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7509 | |||
| Oval ID: | oval:org.mitre.oval:def:7509 | ||
| Title: | Windows Kernel Symbolic Link Value Vulnerability | ||
| Description: | The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not perform the expected validation before creating a symbolic link, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Symbolic Link Value Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0235 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2010-04-14 | Name : Microsoft Windows Kernel Could Allow Elevation of Privilege (979683) File : nvt/secpod_ms10-021.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 63736 | Microsoft Windows Kernel Symbolic Link Value Processing Unspecified Local DoS |
| 63735 | Microsoft Windows Kernel Exception Handling Unspecified Local DoS |
| 63733 | Microsoft Windows Kernel Registry Link Symbolic Link Extraction Local Privile... |
| 63732 | Microsoft Windows Kernel Malformed Image Handling Local DoS |
| 63731 | Microsoft Windows Kernel Registry Hive Symbolic Link Creation Local Privilege... |
| 63730 | Microsoft Windows Kernel Registry Key Validation Unspecified Local DoS |
| 63729 | Microsoft Windows Kernel Virtual Path Parsing Local DoS |
| 63728 | Microsoft Windows Unspecified Kernel System Call Registry Handling Local DoS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-04-13 | Name : The Windows kernel is affected by eight vulnerabilities, including some that ... File : smb_nt_ms10-021.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:46:30 |
|
| 2013-05-11 00:49:37 |
|
