PT-2010-3513 · Microsoft · Windows Vista+3
Tavis Ormandy
·
Published
2010-08-11
·
Updated
2023-12-07
·
CVE-2010-1890
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft Windows Vista versions SP1 through SP2
Microsoft Windows Server 2008 versions Gold through R2
Microsoft Windows 7
Description
A denial of service issue exists due to improper validation of access control lists on kernel objects. This allows local users to cause a system reboot by running a specially crafted application, making the system unresponsive.
Recommendations
For Microsoft Windows Vista versions SP1 through SP2, update to a version that properly validates ACLs on kernel objects.
For Microsoft Windows Server 2008 versions Gold through R2, update to a version that properly validates ACLs on kernel objects.
For Microsoft Windows 7, update to a version that properly validates ACLs on kernel objects.
Exploit
Fix
DoS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows 7
Windows Server 2008
Windows Vista