ID CVE-2010-1889
Summary Double free vulnerability in the kernel in Microsoft Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2, allows local users to gain privileges via a crafted application, related to object initialization during error handling, aka "Windows Kernel Double Free Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_server_2008:-:itanium
    cpe:2.3:o:microsoft:windows_server_2008:-:itanium
  • cpe:2.3:o:microsoft:windows_server_2008:-:x32
    cpe:2.3:o:microsoft:windows_server_2008:-:x32
  • cpe:2.3:o:microsoft:windows_server_2008:-:x64
    cpe:2.3:o:microsoft:windows_server_2008:-:x64
  • Windows Server 2008 Service Pack 2 for 32-bit systems
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x32
  • Microsoft Windows Server 2008 Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64
  • Microsoft Windows Server 2008 Itanium
    cpe:2.3:o:microsoft:windows_server_2008:-:-:itanium
  • Microsoft Windows Server 2008 Service Pack 2 for Itanium-Based Systems
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium
  • Microsoft Windows Vista Service Pack 1 (initial release)
    cpe:2.3:o:microsoft:windows_vista:-:sp1
  • Microsoft Windows Vista Service Pack 1 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_vista:-:sp1:x64
  • Microsoft Windows Vista Service Pack 2
    cpe:2.3:o:microsoft:windows_vista:-:sp2
  • Microsoft Windows Vista Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_vista:-:sp2:x64
  • Microsoft Windows Vista Service Pack 1 (initial release)
    cpe:2.3:o:microsoft:windows_vista:-:sp1
  • Microsoft Windows Vista Service Pack 2
    cpe:2.3:o:microsoft:windows_vista:-:sp2
CVSS
Base: 7.2 (as of 12-08-2010 - 13:30)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047). CVE-2010-1889. Dos exploit for windows platform
id EDB-ID:14667
last seen 2016-02-01
modified 2010-08-17
published 2010-08-17
reporter Tavis Ormandy
source https://www.exploit-db.com/download/14667/
title Microsoft Windows KTM Invalid Free with Reused Transaction GUID MS10-047
msbulletin via4
bulletin_id MS10-047
bulletin_url
date 2010-08-10T00:00:00
impact Elevation of Privilege
knowledgebase_id 981852
knowledgebase_url
severity Important
title Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS10-047.NASL
description The remote Windows host is running a version of the Windows kernel that is affected by one or more of the following vulnerabilities : - A race condition when creating certain types of kernel threads may allow a local attacker to execute arbitrary code in kernel mode and take complete control of the affected system. (CVE-2010-1888) - A double free vulnerability when the kernel initializes objects while handling certain errors may allow a local attacker to execute arbitrary code in kernel mode and take complete control of the affected system. (CVE-2010-1889) - A failure to properly validate access control lists on kernel objects may allow a local attacker to cause the system to become unresponsive and automatically restart. (CVE-2010-1890)
last seen 2019-02-21
modified 2018-11-15
plugin id 48284
published 2010-08-11
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=48284
title MS10-047: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (981852)
oval via4
accepted 2010-09-27T04:00:03.846-04:00
class vulnerability
contributors
name Dragos Prisaca
organization Symantec Corporation
definition_extensions
  • comment Microsoft Windows Vista (32-bit) Service Pack 1 is installed
    oval oval:org.mitre.oval:def:4873
  • comment Microsoft Windows Vista x64 Edition Service Pack 1 is installed
    oval oval:org.mitre.oval:def:5254
  • comment Microsoft Windows Server 2008 (32-bit) is installed
    oval oval:org.mitre.oval:def:4870
  • comment Microsoft Windows Server 2008 (64-bit) is installed
    oval oval:org.mitre.oval:def:5356
  • comment Microsoft Windows Server 2008 (ia-64) is installed
    oval oval:org.mitre.oval:def:5667
  • comment Microsoft Windows Vista (32-bit) Service Pack 2 is installed
    oval oval:org.mitre.oval:def:6124
  • comment Microsoft Windows Vista x64 Edition Service Pack 2 is installed
    oval oval:org.mitre.oval:def:5594
  • comment Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
    oval oval:org.mitre.oval:def:5653
  • comment Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
    oval oval:org.mitre.oval:def:6216
  • comment Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed
    oval oval:org.mitre.oval:def:6150
description Double free vulnerability in the kernel in Microsoft Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2, allows local users to gain privileges via a crafted application, related to object initialization during error handling, aka "Windows Kernel Double Free Vulnerability."
family windows
id oval:org.mitre.oval:def:11044
status accepted
submitted 2010-08-10T13:00:00
title Windows Kernel Double Free Vulnerability
version 69
packetstorm via4
data source https://packetstormsecurity.com/files/download/92845/mswinktm-invalidfree.txt
id PACKETSTORM:92845
last seen 2016-12-05
published 2010-08-17
reporter Tavis Ormandy
source https://packetstormsecurity.com/files/92845/Microsoft-Windows-KTM-Invalid-Free-With-Reused-Transaction-GUID.html
title Microsoft Windows KTM Invalid Free With Reused Transaction GUID
refmap via4
cert TA10-222A
ms MS10-047
Last major update 17-09-2010 - 00:00
Published 11-08-2010 - 14:47
Last modified 12-10-2018 - 17:57
Back to Top