Lucene search
RootSSV:20166HistoryOct 15, 2010 - 12:00 a.m.
Microsoft Windows Win32k.sys内核驱动多个本地权限提升漏洞(MS10-073)
2010-10-1500:00:00
Root
www.seebug.org
17
0.0004 Low
EPSS
Percentile
10.7%
BUGTRAQ ID: 43773,43774
CVE ID: CVE-2010-2744,CVE-2010-2743
Microsoft Windows是微软发布的非常流行的操作系统。
Windows Win32k.sys内核态驱动加载特定键盘布局和验证窗口类数据的方式存在权限提升漏洞。成功利用这个漏洞的攻击者可以执行任意内核态代码。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。
Microsoft Windows XP SP3
Microsoft Windows XP Pro x64版SP2
Microsoft Windows Vista SP2
Microsoft Windows Vista SP1
Microsoft Windows Server 2008 SP2
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008
Microsoft Windows Server 2003 SP2
Microsoft Windows 7
厂商补丁:
Microsoft
Microsoft已经为此发布了一个安全公告(MS10-073)以及相应补丁:
MS10-073:Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)
链接:http://www.microsoft.com/technet/security/bulletin/MS10-073.mspx?pf=true
Related
openvas
openvas
Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (981957)
2010-10-13 00:00:00
Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (981957)
2010-10-13 00:00:00
securityvulns
securityvulns
nessus
nessus
packetstorm
packetstorm
MS10-073 Windows Class Handling
2011-01-02 00:00:00
Win32k Keyboard Layout Vulnerability
2011-01-13 00:00:00
cve
cve
CVE-2010-2744
2010-10-13 19:00:00
CVE-2010-2743
2011-01-20 21:00:00
prion
prion
Design/Logic Flaw
2010-10-13 19:00:00
Hardcoded credentials
2011-01-20 21:00:00
canvas
canvas
Immunity Canvas: MS_KBLAYOUT
2010-10-13 19:00:00
Immunity Canvas: MS_TASKSCHEDULER
2011-01-20 21:00:00
exploitpack
exploitpack
Microsoft Win32k - Keyboard Layout (MS10-073)
2011-01-13 00:00:00
exploitdb
exploitdb
Microsoft Win32k - Keyboard Layout (MS10-073)
2011-01-13 00:00:00
threatpost
threatpost
Microsoft Releases Huge Patch Tuesday Update For 49 Bugs
2010-10-12 17:38:54
securelist
securelist
The zero-day exploits of Operation WizardOpium
2020-05-28 10:00:09