← Retour aux CVEs
CVE-2010-4398
HIGHCISA KEV7.8
Description
Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (UAC) feature, via a crafted REG_BINARY value for a SystemDefaultEUDCFont registry key, aka "Driver Improper Interaction with Windows Kernel Vulnerability."
Details CVE
Score CVSS v3.17.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie12/6/2010
Derniere modification4/21/2026
Sourcekev
Observations honeypot0
CISA KEV
FournisseurMicrosoft
ProduitWindows
Nom vulnerabiliteMicrosoft Windows Kernel Stack-Based Buffer Overflow Vulnerability
Date ajout KEV2022-03-28
Date limite remediation2022-04-21
Utilise dans ransomwareUnknown
Produits affectes
microsoft:windows_7microsoft:windows_server_2003microsoft:windows_server_2008microsoft:windows_vistamicrosoft:windows_xp
Faiblesses (CWE)
CWE-787CWE-787
References
http://isc.sans.edu/diary.html?storyid=9988(cve@mitre.org)
http://secunia.com/advisories/42356(cve@mitre.org)
http://support.avaya.com/css/P8/documents/100127248(cve@mitre.org)
http://twitter.com/msftsecresponse/statuses/7590788200402945(cve@mitre.org)
http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/(cve@mitre.org)
http://www.exploit-db.com/exploits/15609/(cve@mitre.org)
http://www.kb.cert.org/vuls/id/529673(cve@mitre.org)
http://www.securityfocus.com/bid/45045(cve@mitre.org)
http://www.securitytracker.com/id?1025046(cve@mitre.org)
http://www.vupen.com/english/advisories/2011/0324(cve@mitre.org)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12162(cve@mitre.org)
http://isc.sans.edu/diary.html?storyid=9988(af854a3a-2127-422b-91ae-364da2661108)
http://nakedsecurity.sophos.com/2010/11/25/new-windows-zero-day-flaw-bypasses-uac/(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/42356(af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/css/P8/documents/100127248(af854a3a-2127-422b-91ae-364da2661108)
http://twitter.com/msftsecresponse/statuses/7590788200402945(af854a3a-2127-422b-91ae-364da2661108)
http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/(af854a3a-2127-422b-91ae-364da2661108)
http://www.exploit-db.com/exploits/15609/(af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/529673(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/45045(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1025046(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0324(af854a3a-2127-422b-91ae-364da2661108)
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-011(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12162(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-4398(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.