QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2010-2744

Back to search

CVE-2010-2744

Published: Oct 13, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges by creating a window, then using (1) the SetWindowLongPtr function to modify the popup menu structure, or (2) the SwitchWndProc function with a switch window information pointer, which is not re-initialized when a WM_NCCREATE message is processed, aka "Win32k Window Class Vulnerability."

VendorProductVersions

n/a

n/a

affected
n/a

References

oval:org.mitre.oval:def:12085
vdb-entry
signature
x_refsource_OVAL
15894
exploit
x_refsource_EXPLOIT-DB
TA10-285A
third-party-advisory
x_refsource_CERT
MS10-073
vendor-advisory
x_refsource_MS

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2010-2744 - Security Vulnerability | QwikSec