CVE-2010-5082

Name of the Vulnerable Software and Affected Versions Microsoft Windows Server 2008 SP2, R2, and R2 SP1

Description The issue allows local users to gain privileges via a Trojan horse sti.dll file in the current working directory. This can be demonstrated by a directory that contains a .camp, .cdmp, .gmmp, .icc, or .icm file. A remote code execution vulnerability exists in the way that the Color Control Panel handles the loading of DLL files, which could allow an attacker to take complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Windows Server 2008 SP2, R2, and R2 SP1, consider restricting access to the Color Control Panel until a patch is available. As a temporary workaround, avoid using directories that contain .camp, .cdmp, .gmmp, .icc, or .icm files to minimize the risk of exploitation. Restrict user rights on the system to minimize the impact of a potential attack.