Vulnerability Details CVE-2010-1735
The SfnLOGONNOTIFY function in win32k.sys in the kernel in Microsoft Windows 2000, XP, and Server 2003 allows local users to cause a denial of service (system crash) via a 0x4c value in the second argument (aka the Msg argument) of a PostMessage function call for the DDEMLEvent window.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.2%
CVSS Severity
CVSS v2 Score 4.9
References
- http://secunia.com/advisories/39456
- http://vigilance.fr/vulnerability/Windows-denials-of-service-of-win32k-sys-9607
- http://www.securityfocus.com/archive/1/510884/100/0/threaded
- http://www.securityfocus.com/bid/39630
- http://secunia.com/advisories/39456
- http://vigilance.fr/vulnerability/Windows-denials-of-service-of-win32k-sys-9607
- http://www.securityfocus.com/archive/1/510884/100/0/threaded
- http://www.securityfocus.com/bid/39630
Products affected by CVE-2010-1735
-
cpe:2.3:o:microsoft:windows_2000:-
-
cpe:2.3:o:microsoft:windows_2003_server:-
-
cpe:2.3:o:microsoft:windows_server_2003:-
-
cpe:2.3:o:microsoft:windows_server_2003:r2
-
cpe:2.3:o:microsoft:windows_xp:-
-
cpe:2.3:o:microsoft:windows_xp:sp3
-
cpe:2.3:o:microsoft:windows_xp:unknown