CVE-2010-2744
Microsoft Windows - Class Handling (MS10-073)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges by creating a window, then using (1) the SetWindowLongPtr function to modify the popup menu structure, or (2) the SwitchWndProc function with a switch window information pointer, which is not re-initialized when a WM_NCCREATE message is processed, aka "Win32k Window Class Vulnerability."
Los controladores de modo kernel en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, SP2 y R2, y Windows 7 no administran apropiadamente una clase de ventana, lo que permite a los usuarios locales alcanzar privilegios mediante la creación de una ventana, entonces, utilizando (1) la función SetWindowLongPtr para modificar la estructura del menú emergente, o (2) la función SwitchWndProc con un puntero de información de cambio de ventana, que no se vuelve a inicializar cuando se procesa un mensaje WM_NCCREATE, también se conoce como "Win32k Window Class Vulnerability".
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-07-14 CVE Reserved
- 2010-10-13 CVE Published
- 2011-01-02 First Exploit
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
http://mista.nu/blog/2010/12/01/windows-class-handling-gone-wrong | X_refsource_misc | |
http://www.us-cert.gov/cas/techalerts/TA10-285A.html | Third Party Advisory | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12085 | Signature |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/15894 | 2011-01-02 | |
http://www.exploit-db.com/exploits/15894 | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-073 | 2023-12-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | * | sp2 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | * | sp2, itanium |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003" | * | sp2 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | itanium |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | x32 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | x64 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | r2, itanium |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | r2, x64 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | sp2, x32 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | sp2, x64 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | - | sp2, itanium |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | sp1 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | sp2 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | - | sp1 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp3 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | - | sp2, x64 |
Affected
|