CVE-2010-3944

Description

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability."

Related CPE's

omicrosoftwindows_server_2008r2*itanium*****

omicrosoftwindows_server_2008r2*x64*****

omicrosoftwindows_7-*******

References

TA10-348A

US Government Resource

1024880

oval:org.mitre.oval:def:12184

MS10-098

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:L/AC:L/Au:N/C:C/I:C/A:C

AccessVector

LOCAL

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

COMPLETE

IntegrityImpact

COMPLETE

AvailabilityImpact

COMPLETE

BaseScore

7.199999809265137

Created by Yello
About Severity.io