CVE-2010-2739
The CVE-2010-2739 issue is a buffer overflow in the Windows win32k.sys CreateDIBPalette() function. A crafted bitmap with a very large color palette, used via GetClipboardData, can crash the system and may allow arbitrary code execution locally on affected Windows versions: XP SP3, Server 2003 R2...