6.4 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
10.6%
The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm, aka βWin32k Keyboard Layout Vulnerability.β NOTE: this might be a duplicate of CVE-2010-3888 or CVE-2010-3889.
CPE | Name | Operator | Version |
---|---|---|---|
windows_server_2008 | eq | sp2itanium | |
windows_vista | eq | - sp1 | |
windows_xp | eq | sp2x64 |