MS10-032: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)

NASLDB: MS10-032: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)

General

ID: 46839
Name: MS10-032: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)

Summary: Checks version of Win32k.sys

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Port: 139
Family: Windows : Microsoft Bulletins
Type: Local

Description

The remote Windows host is running a version of the Windows kernel
that is affected by one or more of the following vulnerabilities :

– Improper validation of changes in certain kernel
objects may allow a local attacker to execute arbitrary
code in kernel mode and take complete control of the
affected system. (CVE-2010-0484)

– Improper validation of parameters when creating a new
window may allow a local attacker to execute arbitrary
code in kernel mode and take complete control of the
affected system. (CVE-2010-0485)

– A vulnerability that arises in the way Windows provides
glyph outline information to applications may allow a
local attacker to execute arbitrary code in kernel mode
and take complete control of the affected system.
(CVE-2010-1255)

Exploiting

Exploit Available: True
Exploitability Ease: Exploits are available

Sources

CVE: CVE-2010-0484
OSVDB: –
Bugtraq: 40508
scipID: –

Timeline

Vulnerability Disclosure: 2010/06/08
Patch Release: 2010/06/08
Plugin Release: 2010/06/09

Plugin

Version: 1.16
Filename: smb_nt_ms10-032.nasl
Filesize: 5924 bytes
MD5 Hash: f4514bf551a2a2a1e01c6f81469d78d3

Identification: Host/patch_management_checks
Require Keys: SMB/MS_Bulletin_Checks/Possible
Dependencies: "smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl"