MicrosoftCVE-2010-3338CVE-2010-3338
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
70.6%
The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka “Task Scheduler Vulnerability.” NOTE: this might overlap CVE-2010-3888.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:* |
| microsoft | windows_server_2008 | - | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:* |
| microsoft | windows_server_2008 | r2 | cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:* |
| microsoft | windows_server_2008 | r2 | cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:* |
| microsoft | windows_vista | * | cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
70.6%