CVE-2010-2744 in Windowsinfo

Summary

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges by creating a window, then using (1) the SetWindowLongPtr function to modify the popup menu structure, or (2) the SwitchWndProc function with a switch window information pointer, which is not re-initialized when a WM_NCCREATE message is processed, aka "Win32k Window Class Vulnerability."

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

07/14/2010

Disclosure

10/13/2010

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
4202	Microsoft Windows Keyboard Layout win32k.sys Windows Class access control	264	Proof-of-Concept	Official fix	CVE-2010-2744

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

◂ PreviousOverviewNext ▸

Might our Artificial Intelligence support you?

Check our Alexa App!