4305 matches found
Design/Logic Flaw
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges by creating a window, then using 1 the...
CVE-2010-2744
The CVE-2010-2744 flaw is a Win32k kernel-mode privilege-escalation issue in multiple Windows versions. A window-class handling bug lets local attackers gain privileges by creating a window and abusing SetWindowLongPtr to modify the popup menu structure or by abusing SwitchWndProc invoked via WM_...
CVE-2010-2744
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges by creating a window, then using 1 the...
Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (981957)
This host is missing a critical security update according to Microsoft Bulletin MS10-073. OpenVAS Vulnerability Test $Id: secpodms10-073.nasl 5934 2017-04-11 12:28:28Z antu123 $ Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities 981957 Authors: Madhuri D Copyright: Copyright c 2010...
Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (981957)
This host is missing a critical security update according to Microsoft Bulletin MS10-073. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS10-078: Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986)
The remote Windows host contains a version of the OpenType Font OTF Format Driver that is affected by two vulnerabilities : - The driver does not properly allocate memory when parsing a specially crafted font, which could allow a local attacker to run arbitrary code in kernel mode. CVE-2010-2740 ...
Microsoft Security Bulletin MS10-073 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)
Microsoft Security Bulletin MS10-073 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege 981957 Published: October 12, 2010 Version: 1.0 General Information Executive Summary This security update resolves several publicly disclosed vulnerabilities in the...
Microsoft Windows win32k.sys Driver 'CreateDIBPalette()' BOF Vulnerability
This host is prone to buffer ovreflow vulnerability. OpenVAS Vulnerability Test $Id: secpodmswinkernelwin32ksysbofdosvuln.nasl 5364 2017-02-20 13:26:07Z cfi $ Microsoft Windows win32k.sys Driver 'CreateDIBPalette' BOF Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2010 SecPod,...
CVE-2010-1894
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, do not properly handle unspecified exceptions, which allows local users to gain privileges via a crafted application, aka "Win32k Exception Handling Vulnerability."...
CVE-2010-1895
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, do not properly perform memory allocation before copying user-mode data to kernel mode, which allows local users to gain privileges via a crafted application, aka "Win32k Pool Overflow...
CVE-2010-1896
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 do not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted...
CVE-2010-1887
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate an unspecified system-call argument, which allows local users to cause a denial of...
Integer overflow
Integer overflow in the TCP/IP stack in Microsoft Windows Vista SP1, Windows Server 2008 Gold and R2, and Windows 7 allows local users to gain privileges via a buffer of user-mode data that is copied to kernel mode, aka "Integer Overflow in Windows Networking Vulnerability."...
Buffer overflow
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, do not properly perform memory allocation before copying user-mode data to kernel mode, which allows local users to gain privileges via a crafted application, aka "Win32k Pool Overflow...
Design/Logic Flaw
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate pseudo-handle values in callback parameters during window creation, which allows loc...
CVE-2010-1896
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 do not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted...
CVE-2010-1897
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate pseudo-handle values in callback parameters during window creation, which allows loc...
CVE-2010-1894
Win32k Exception Handling Vulnerability (CVE-2010-1894) affects Windows XP SP2/SP3 and Windows Server 2003 SP2 via win32k.sys. Description: the kernel-mode driver does not properly handle certain exceptions, enabling local privilege escalation by a crafted application. Impact: attacker could exec...
CVE-2010-1894
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, do not properly handle unspecified exceptions, which allows local users to gain privileges via a crafted application, aka "Win32k Exception Handling Vulnerability."...
CVE-2010-1887
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate an unspecified system-call argument, which allows local users to cause a denial of...