CVE-2010-0484 in Windowsinformazioni

Riassunto

di MITRE

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via vectors related to Device Contexts (DC) and the GetDCEx function, aka "Win32k Improper Data Validation Vulnerability."

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

02/02/2010

Divulgazione

08/06/2010

Moderazione

accettato

Voce

VDB-53509

CPE

pronto

CWE

CWE-20 (confermato)

CVSS

6.8 (NVD)

EPSS

0.01344

KEV

Attività

molto basso

Settore

Chemical, Homeoffice, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2010-0484
NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-0484
CVE Details	https://www.cvedetails.com/cve/CVE-2010-0484/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you need the next level of professionalism?

Upgrade your account now!