CVE-2010-2739

Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2003 R2 Enterprise SP2, Vista Business SP1, Windows 7, and Server 2008 SP2 allows local users to cause a denial of service crash and possibly execute arbitrary code by performing a clipboard operati...

Buffer overflow

Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2003 R2 Enterprise SP2, Vista Business SP1, Windows 7, and Server 2008 SP2 allows local users to cause a denial of service crash and possibly execute arbitrary code by performing a clipboard operati...

CVE-2010-2739

The CVE-2010-2739 issue is a buffer overflow in the Windows win32k.sys CreateDIBPalette() function. A crafted bitmap with a very large color palette, used via GetClipboardData, can crash the system and may allow arbitrary code execution locally on affected Windows versions: XP SP3, Server 2003 R2...

Microsoft Windows内核CreateDIBPalette()函数本地权限提升漏洞

BUGTRAQ ID: 42291 Microsoft Windows是微软发布的非常流行的操作系统。 Windows win32k.sys内核驱动中的CreateDIBPalette函数在创建DIB画板时将颜色数据拷贝到了固定大小的缓冲区。如果本地用户通过 BITMAPINFOHEADER结构中的biClrUsed字段指定了超过256个颜色的话，就可以在GetClipboardData API触发堆缓冲区溢出漏洞，导致以内核权限执行任意代码。 Microsoft Windows XP SP3 Microsoft Windows Vista Microsoft Windows Serve...