CVE-2010-1893

2010-08-1118:47:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2010-1893

integer overflow

tcp/ip stack

microsoft windows

vista

windows server 2008

windows 7

privilege escalation

nvd

6.7 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Integer overflow in the TCP/IP stack in Microsoft Windows Vista SP1, Windows Server 2008 Gold and R2, and Windows 7 allows local users to gain privileges via a buffer of user-mode data that is copied to kernel mode, aka “Integer Overflow in Windows Networking Vulnerability.”

CPENameOperatorVersion
microsoft:windows_server_2008microsoft windows server 2008eq*
microsoft:windows_7microsoft windows 7eq-
microsoft:windows_7microsoft windows 7eq*
microsoft:windows_vistamicrosoft windows vistaeq*

CPE	Name	Operator	Version
microsoft:windows_server_2008	microsoft windows server 2008	eq	*
microsoft:windows_7	microsoft windows 7	eq	-
microsoft:windows_7	microsoft windows 7	eq	*
microsoft:windows_vista	microsoft windows vista	eq	*