New Search

Win32k Keyboard Layout Vulnerability

oval:org.mitre.oval:def:7514

The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk which allows local users to gain privileges via a crafted application as demonstrated in the wild in July 2010 by the Stuxnet worm aka "Win32k Keyboard Layout Vulnerability." NOTE: this might be a duplicate of CVE-2010-3888 or CVE-2010-3889.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows XP
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Vista
  • Microsoft Windows Server 2008
  • Microsoft Windows 7
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2010-2743
Product(s):