Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-0485
HistoryJun 08, 2010 - 10:30 p.m.

CVE-2010-0485

2010-06-0822:30:00
CWE-20
[email protected]
web.nvd.nist.gov
36
windows
kernel-mode drivers
win32k.sys
validation
callback parameters
arbitrary code execution
vulnerability
cve-2010-0485
nvd

6.5 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

17.1%

JSON

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 “do not properly validate all callback parameters when creating a new window,” which allows local users to execute arbitrary code, aka “Win32k Window Creation Vulnerability.”

Related

seebug 2
prion 1
canvas 1
exploitpack 1
securityvulns 3
packetstorm 1
exploitdb 1
openvas 2
nessus 1
seebug
seebug
Windows Win32k.sys驱动创建窗口权限提升漏洞(MS10-032)
2010-06-10 00:00:00
Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)
2010-08-11 00:00:00
prion
prion
Design/Logic Flaw
2010-06-08 22:30:00
canvas
canvas
Immunity Canvas: MS10_032
2010-06-08 22:30:00
exploitpack
exploitpack
Microsoft Windows - CreateWindow Function Callback (MS10-048)
2010-08-10 00:00:00
securityvulns
securityvulns
[CORE-2010-0623] Microsoft Windows CreateWindow function callback vulnerability
2010-08-11 00:00:00
Microsoft Windows win32k privilege escalation
2010-06-14 00:00:00
Microsoft Security Bulletin MS10-032 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)
2010-06-08 00:00:00
packetstorm
packetstorm
Core Security Technologies Advisory 2010.0623
2010-08-12 00:00:00
exploitdb
exploitdb
Microsoft Windows - CreateWindow Function Callback (MS10-048)
2010-08-10 00:00:00
openvas
openvas
Microsoft Windows Kernel Mode Drivers Privilege Escalation Vulnerabilities (979559)
2010-06-09 00:00:00
Microsoft Windows Kernel Mode Drivers Privilege Escalation Vulnerabilities (979559)
2010-06-09 00:00:00
nessus
nessus
MS10-032: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)
2010-06-09 00:00:00

6.5 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

17.1%

JSON
Related for CVE-2010-0485
seebug2prion1canvas1exploitpack1securityvulns3packetstorm1exploitdb1openvas2nessus1