CVE-2010-0484

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via vectors related to...

CVE-2010-0485

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execu...

CVE-2010-1255

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 allows local users to execute arbitrary code via vectors related to "glyph outline information" and TrueType...

CVE-2010-0484

CVE-2010-0484 affects Windows kernel-mode drivers in win32k.sys. The vulnerability arises from improper validation/memory handling when processing Device Contexts (DC) via GetDCEx, enabling local users to execute arbitrary code in kernel mode (ring0) on affected Windows versions. Affected are Win...

CVE-2010-1255

CVE-2010-1255 maps to the Win32k TrueType Font Parsing Vulnerability in Windows kernel-mode driver win32k.sys. The issue concerns how glyph outline information is provided to user-mode applications, enabling local users to execute arbitrary code in kernel mode. Affected products include Windows 2...

CVE-2010-0485

The CVE-2010-0485 issue affects Windows kernel-mode drivers in win32k.sys across multiple OS versions (Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2, Windows 7, Server 2008 R2). The vulnerability stems from improper validation of callback parameters when creat...

PT-2010-2245 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue arises from the Windows kernel-mode drivers not properly validating changes in certain kernel objects, allowing local users to execute arbitrary code. This could...

Microsoft Security Bulletin MS10-032 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)

Microsoft Security Bulletin MS10-032 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege 979559 Published: June 08, 2010 Version: 1.0 General Information Executive Summary This security update resolves two publicly disclosed vulnerabilities and one...

Design/Logic Flaw

The releaseonetty function in drivers/char/ttyio.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the putpid function, which has unspecified impact and local attack vectors...

CVE-2010-1162

CVE-2010-1162 affects the Linux kernel before 2.6.34-rc4, in which release_one_tty() in drivers/char/tty_io.c omits certain required put_pid() calls. The impact is described as unspecified, with local attack vectors. The available connected documents confirm the vulnerability and reference the af...

CVE-2010-1162

The releaseonetty function in drivers/char/ttyio.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the putpid function, which has unspecified impact and local attack vectors...

Design/Logic Flaw

The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvbnet.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service infinite loop via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE...

CVE-2010-1083

The processcomplcompat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensiti...

kernel: OOM/crash in drivers/connector

drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service memory consumption and system crash by sending the kernel many NETLINKCONNECTOR messages...

openSUSE Security Update : kernel (kernel-2146)

This update of the openSUSE 11.2 kernel contains a lot of bug and security fixes. Following security issues were fixed: CVE-2010-0622: The wakefutexpi function in kernel/futex.c in the Linux kernel does not properly handle certain unlock operations for a Priority Inheritance PI futex, which allow...

openSUSE Security Update : OpenOffice_org-base-drivers-postgresql (OpenOffice_org-base-drivers-postgresql-1980)

This update of OpenOfficeorg includes fixes for the following vulnerabilities : - CVE-2009-0217: XML signature weakness - CVE-2009-2949: XPM Import Integer Overflow - CVE-2009-2950: GIF Import Heap Overflow - CVE-2009-3301: MS Word sprmTDefTable Memory Corruption - CVE-2009-3302: MS Word...

Mandriva Update for foomatic-db MDVA-2010:099 (foomatic-db)

Check for the Version of foomatic-db OpenVAS Vulnerability Test Mandriva Update for foomatic-db MDVA-2010:099 foomatic-db Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

CVE-2010-0410

drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service memory consumption and system crash by sending the kernel many NETLINKCONNECTOR messages...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any...

Ubuntu Update for Linux kernel vulnerabilities USN-894-1

Ubuntu Update for Linux kernel vulnerabilities USN-894-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN8941.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for Linux kernel vulnerabilities USN-894-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...