VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-1734
windows_2000, windows_2003_server, windows_xp: The SfnINSTRING function in win32k.sys in the kerne...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1734

Original

The SfnINSTRING function in win32k.sys in the kernel in Microsoft Windows 2000, XP, and Server 2003 allows local users to cause a denial of service (system crash) via a 0x18d value in the second argument (aka the Msg argument) of a PostMessage function call for the DDEMLEvent window.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-05-06
Source Information Category:
Advisory, Alert
Last Updated:
2010-05-06




Affected Product Tags
cpe:/o:microsoft:windows_2000::beta3
cpe:/o:microsoft:windows_2000::gold
cpe:/o:microsoft:windows_2000::gold:advanced_server
cpe:/o:microsoft:windows_2000::gold:datacenter_server
cpe:/o:microsoft:windows_2000::gold:professional
cpe:/o:microsoft:windows_2000::gold:server
cpe:/o:microsoft:windows_2000::rc1
cpe:/o:microsoft:windows_2000::rc2
cpe:/o:microsoft:windows_2000::sp1
cpe:/o:microsoft:windows_2000::sp1:advanced_server
cpe:/o:microsoft:windows_2000::sp1:datacenter_server
cpe:/o:microsoft:windows_2000::sp1:professional
cpe:/o:microsoft:windows_2000::sp1:server
cpe:/o:microsoft:windows_2000::sp2
cpe:/o:microsoft:windows_2000::sp2:advanced_server
cpe:/o:microsoft:windows_2000::sp2:datacenter_server
cpe:/o:microsoft:windows_2000::sp2:professional
cpe:/o:microsoft:windows_2000::sp2:server
cpe:/o:microsoft:windows_2000::sp3
cpe:/o:microsoft:windows_2000::sp3:advanced_server
cpe:/o:microsoft:windows_2000::sp3:datacenter_server
cpe:/o:microsoft:windows_2000::sp3:professional
cpe:/o:microsoft:windows_2000::sp3:server
cpe:/o:microsoft:windows_2000::sp4
cpe:/o:microsoft:windows_2000::sp4:advanced_server
cpe:/o:microsoft:windows_2000::sp4:datacenter_server
cpe:/o:microsoft:windows_2000::sp4:professional
cpe:/o:microsoft:windows_2000::sp4:server
cpe:/o:microsoft:windows_2000:beta3
cpe:/o:microsoft:windows_2003_server::gold
cpe:/o:microsoft:windows_2003_server::gold:compute_cluster
cpe:/o:microsoft:windows_2003_server::gold:datacenter
cpe:/o:microsoft:windows_2003_server::gold:enterprise
cpe:/o:microsoft:windows_2003_server::gold:itanium
cpe:/o:microsoft:windows_2003_server::gold:standard
cpe:/o:microsoft:windows_2003_server::gold:storage
cpe:/o:microsoft:windows_2003_server::gold:x64
cpe:/o:microsoft:windows_2003_server::gold:x64-enterprise
cpe:/o:microsoft:windows_2003_server::gold:x64-standard
cpe:/o:microsoft:windows_2003_server::r2:compute_cluster
cpe:/o:microsoft:windows_2003_server::r2:datacenter
cpe:/o:microsoft:windows_2003_server::r2:enterprise
cpe:/o:microsoft:windows_2003_server::r2:standard
cpe:/o:microsoft:windows_2003_server::r2:storage
cpe:/o:microsoft:windows_2003_server::r2:x64
cpe:/o:microsoft:windows_2003_server::r2:x64-datacenter
cpe:/o:microsoft:windows_2003_server::r2:x64-enterprise
cpe:/o:microsoft:windows_2003_server::r2:x64-standard
cpe:/o:microsoft:windows_2003_server::sp1
cpe:/o:microsoft:windows_2003_server::sp1:compute_cluster
cpe:/o:microsoft:windows_2003_server::sp1:datacenter
cpe:/o:microsoft:windows_2003_server::sp1:enterprise
cpe:/o:microsoft:windows_2003_server::sp1:standard
cpe:/o:microsoft:windows_2003_server::sp1:storage
cpe:/o:microsoft:windows_2003_server::sp2
cpe:/o:microsoft:windows_2003_server::sp2:compute_cluster
cpe:/o:microsoft:windows_2003_server::sp2:datacenter
cpe:/o:microsoft:windows_2003_server::sp2:enterprise
cpe:/o:microsoft:windows_2003_server::sp2:itanium
cpe:/o:microsoft:windows_2003_server::sp2:standard
cpe:/o:microsoft:windows_2003_server::sp2:storage
cpe:/o:microsoft:windows_xp:-:gold:64-bit-2002
cpe:/o:microsoft:windows_xp:-:gold:64-bit-2003
cpe:/o:microsoft:windows_xp:-:gold:home
cpe:/o:microsoft:windows_xp:-:gold:x64
cpe:/o:microsoft:windows_xp:-:sp1:home
cpe:/o:microsoft:windows_xp:-:sp2:home
cpe:/o:microsoft:windows_xp:-:sp2:x64
cpe:/o:microsoft:windows_xp:-:sp3:embedded
cpe:/o:microsoft:windows_xp:-:sp3:home
cpe:/o:microsoft:windows_xp:-:sp3:media_center
cpe:/o:microsoft:windows_xp:-:sp3:professional
cpe:/o:microsoft:windows_xp:-:sp3:tablet_pc
cpe:/o:microsoft:windows_xp:::x86
cpe:/o:microsoft:windows_xp::gold
cpe:/o:microsoft:windows_xp::gold:embedded
cpe:/o:microsoft:windows_xp::gold:media_center
cpe:/o:microsoft:windows_xp::gold:professional
cpe:/o:microsoft:windows_xp::gold:tablet_pc
cpe:/o:microsoft:windows_xp::sp1
cpe:/o:microsoft:windows_xp::sp1:embedded
cpe:/o:microsoft:windows_xp::sp1:media_center
cpe:/o:microsoft:windows_xp::sp1:professional
cpe:/o:microsoft:windows_xp::sp1:tablet_pc
cpe:/o:microsoft:windows_xp::sp2
cpe:/o:microsoft:windows_xp::sp2:embedded
cpe:/o:microsoft:windows_xp::sp2:media_center
cpe:/o:microsoft:windows_xp::sp2:professional
cpe:/o:microsoft:windows_xp::sp2:tablet_pc
cpe:/o:microsoft:windows_xp::sp2:x86
cpe:/o:microsoft:windows_xp::sp3
cpe:/o:microsoft:windows_xp::sp3:x86
cpe:/o:microsoft:windows_xp:sp2
cpe:/o:microsoft:windows_xp:sp3
cpe:/o:microsoft:windows_xp:sp3:unknown:english
cpe:/o:microsoft:windows_xp:unknown:sp3
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

X Local [?]
Adjacent Network [?]
Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
Medium [?]
X Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
[Integrity Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
[Availability Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
Alternatives




References
BID 39631




BUGTRAQ 20100422 Windows 2000/XP/2003 win32k.sys SfnINSTRING local kernel Denial of Service Vulnerability




MISC http://vigilance.fr/vulnerability/Windows-denials-of-service-of-win32k-sys-9607




SECUNIA 39456




Vulnerability Type Input Validation (CWE-20)




Copyright © 2010 JPCERT/CC All Rights Reserved.