Информационная безопасность
[RU] switch to English


Повышение привилегий через win32k в Microsoft Windows
дополнено с 8 июня 2010 г.
Опубликовано:14 июня 2010 г.
Источник:
SecurityVulns ID:10909
Тип:локальная
Уровень опасности:
6/10
Описание:Многочисленные повреждения памяти.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2010-1255 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 allows local users to execute arbitrary code via vectors related to "glyph outline information" and TrueType fonts, aka "Win32k TrueType Font Parsing Vulnerability.")
 CVE-2010-0485 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execute arbitrary code, aka "Win32k Window Creation Vulnerability.")
 CVE-2010-0484 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via vectors related to Device Contexts (DC) and the GetDCEx function, aka "Win32k Improper Data Validation Vulnerability.")
Оригинальный текстdocumentVUPEN Security Research, VUPEN Security Research - Microsoft Windows Kernel "GetDCEx()" Memory Corruption Vulnerability (CVE-2010-0484) (14.06.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-032 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559) (08.06.2010)
Файлы:Microsoft Security Bulletin MS10-032 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород