New Search

Win32k User Input Validation Vulnerability

oval:org.mitre.oval:def:12006

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3 Windows Server 2003 SP2 Windows Vista SP1 and SP2 and Windows Server 2008 Gold and SP2 do not properly validate user-mode input passed to kernel mode which allows local users to gain privileges via a crafted application aka "Win32k User Input Validation Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008
  • Microsoft Windows XP
  • Microsoft Windows Vista
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2010-1896
Product(s):