VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-4398
windows_2003_server, windows_7, windows_server_2008, windows_vista, windows_xp: Stack-based buffer overflow in the RtlQueryRegistry...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4398

Original

Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 through R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (UAC) feature, via a crafted REG_BINARY value for a SystemDefaultEUDCFont registry key.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-12-06
Source Information Category:
Advisory, Alert
Last Updated:
2010-12-06




Affected Product Tags
cpe:/o:microsoft:windows_2003_server
cpe:/o:microsoft:windows_7
cpe:/o:microsoft:windows_server_2008:-
cpe:/o:microsoft:windows_server_2008:r2::itanium
cpe:/o:microsoft:windows_server_2008:r2::x64
cpe:/o:microsoft:windows_vista
cpe:/o:microsoft:windows_xp
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

X Local [?]
Adjacent Network [?]
Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
Medium [?]
X Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Availability Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
Alternatives




References
VU#529673




EXPLOIT-DB 15609




MISC http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/




MISC http://twitter.com/msftsecresponse/statuses/7590788200402945




MISC http://nakedsecurity.sophos.com/2010/11/25/new-windows-zero-day-flaw-bypasses-uac/




MISC http://isc.sans.edu/diary.html?storyid=9988




SECUNIA 42356




Vulnerability Type Buffer Errors (CWE-119)




Copyright © 2010 JPCERT/CC All Rights Reserved.