CVE-2010-3963
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
0.4%
Buffer overflow in the Routing and Remote Access NDProxy component in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, related to the Routing and Remote Access service (RRAS) and improper copying from user mode to the kernel, aka βKernel NDProxy Buffer Overflow Vulnerability.β
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_2003_server | * | cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2003 | * | cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:* |
| microsoft | windows_xp | * | cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:* |
| microsoft | windows_xp | - | cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:* |
References
osvdb.org/69823
secunia.com/advisories/42613
www.securityfocus.com/bid/45269
www.securitytracker.com/id?1024881
www.us-cert.gov/cas/techalerts/TA10-348A.html
www.vupen.com/english/advisories/2010/3221
docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-099
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12461
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
0.4%