Lucene search
MicrosoftCVE-2010-3940HistoryDec 16, 2010 - 7:33 p.m.
CVE-2010-3940
2010-12-1619:33:02
CWE-399
microsoft
web.nvd.nist.gov
37
cve-2010-3940
win32k.sys
vulnerability
windows xp
windows server
privilege escalation
nvd
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
20.6%
Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted application, aka “Win32k PFE Pointer Double Free Vulnerability.”
Affected configurations
Node
microsoftwindows_2003_serversp2
ORmicrosoftwindows_2003_serversp2itanium
ORmicrosoftwindows_7
ORmicrosoftwindows_7Match-
ORmicrosoftwindows_server_2003sp2
ORmicrosoftwindows_server_2008itanium
ORmicrosoftwindows_server_2008x32
ORmicrosoftwindows_server_2008x64
ORmicrosoftwindows_server_2008r2itanium
ORmicrosoftwindows_server_2008r2x64
ORmicrosoftwindows_server_2008sp2x32
ORmicrosoftwindows_server_2008sp2x64
ORmicrosoftwindows_server_2008Match-sp2itanium
ORmicrosoftwindows_vistasp1
ORmicrosoftwindows_vistasp2
ORmicrosoftwindows_vistaMatch-sp1
ORmicrosoftwindows_xpsp3
ORmicrosoftwindows_xpMatch-sp2x64
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_2003_server | * | cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:* |
| microsoft | windows_2003_server | * | cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:* |
| microsoft | windows_7 | * | cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:* |
| microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:* |
| microsoft | windows_server_2003 | * | cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:* |
Related
prion
prion
Double free
2010-12-16 19:33:00
cvelist
cvelist
CVE-2010-3940
2010-12-16 19:00:00
nvd
nvd
CVE-2010-3940
2010-12-16 19:33:02
openvas
openvas
Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2436673)
2010-12-15 00:00:00
Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2436673)
2010-12-15 00:00:00
seebug
seebug
Microsoft Windows "Win32k.sys" 驱动程序多个安全漏洞(MS10-098)
2010-12-19 00:00:00
nessus
nessus
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2010-12-15 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
20.6%
Related for CVE-2010-3940