ID CVE-2010-1893
Summary Integer overflow in the TCP/IP stack in Microsoft Windows Vista SP1, Windows Server 2008 Gold and R2, and Windows 7 allows local users to gain privileges via a buffer of user-mode data that is copied to kernel mode, aka "Integer Overflow in Windows Networking Vulnerability."
References
Vulnerable Configurations
  • Microsoft Windows 7
    cpe:2.3:o:microsoft:windows_7
  • Microsoft Windows 7
    cpe:2.3:o:microsoft:windows_7
  • cpe:2.3:o:microsoft:windows_server_2008:-:itanium
    cpe:2.3:o:microsoft:windows_server_2008:-:itanium
  • cpe:2.3:o:microsoft:windows_server_2008:-:x32
    cpe:2.3:o:microsoft:windows_server_2008:-:x32
  • cpe:2.3:o:microsoft:windows_server_2008:-:x64
    cpe:2.3:o:microsoft:windows_server_2008:-:x64
  • Windows Server 2008 R2 for Itanium-based Systems
    cpe:2.3:o:microsoft:windows_server_2008:-:r2:itanium
  • Windows Server 2008 R2 for x64-based Systems
    cpe:2.3:o:microsoft:windows_server_2008:-:r2:x64
  • Microsoft Windows Vista Service Pack 1 (initial release)
    cpe:2.3:o:microsoft:windows_vista:-:sp1
  • Microsoft Windows Vista Service Pack 1 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_vista:-:sp1:x64
CVSS
Base: 6.8 (as of 12-08-2010 - 13:46)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
msbulletin via4
bulletin_id MS10-058
bulletin_url
date 2010-08-10T00:00:00
impact Elevation of Privilege
knowledgebase_id 978886
knowledgebase_url
severity Important
title Vulnerabilities in TCP/IP Could Allow Elevation of Privilege
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS10-058.NASL
description The TCP/IP stack installed on the remote Windows host is affected by one or more of the following vulnerabilities : - An error exists in the Windows TCP/IP stack when processing specially crafted IPv6 packets with a malformed extension header that could cause the affected system to stop responding if IPv6 features are enabled, which is true by default in Windows Vista and 2008. (CVE-2010-1892) - The Windows TCP/IP stack fails to properly handle data copied from user mode, which could result in an integer overflow and allow a local attacker to run arbitrary code with system-level privileges. (CVE-2010-1892)
last seen 2019-02-21
modified 2018-11-15
plugin id 48295
published 2010-08-11
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=48295
title MS10-058: Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886)
oval via4
accepted 2012-03-26T04:00:51.776-04:00
class vulnerability
contributors
  • name Josh Turpin
    organization Symantec Corporation
  • name Dragos Prisaca
    organization Symantec Corporation
definition_extensions
  • comment Microsoft Windows Vista (32-bit) Service Pack 1 is installed
    oval oval:org.mitre.oval:def:4873
  • comment Microsoft Windows Vista x64 Edition Service Pack 1 is installed
    oval oval:org.mitre.oval:def:5254
  • comment Microsoft Windows Server 2008 (32-bit) is installed
    oval oval:org.mitre.oval:def:4870
  • comment Microsoft Windows Server 2008 (64-bit) is installed
    oval oval:org.mitre.oval:def:5356
  • comment Microsoft Windows Server 2008 (ia-64) is installed
    oval oval:org.mitre.oval:def:5667
  • comment Microsoft Windows 7 (32-bit) is installed
    oval oval:org.mitre.oval:def:6165
  • comment Microsoft Windows 7 x64 Edition is installed
    oval oval:org.mitre.oval:def:5950
  • comment Microsoft Windows Server 2008 R2 x64 Edition is installed
    oval oval:org.mitre.oval:def:6438
  • comment Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
    oval oval:org.mitre.oval:def:5954
description Integer overflow in the TCP/IP stack in Microsoft Windows Vista SP1, Windows Server 2008 Gold and R2, and Windows 7 allows local users to gain privileges via a buffer of user-mode data that is copied to kernel mode, aka "Integer Overflow in Windows Networking Vulnerability."
family windows
id oval:org.mitre.oval:def:12087
status accepted
submitted 2010-03-13T13:00:00
title Integer Overflow in Windows Networking Vulnerability
version 42
refmap via4
cert TA10-222A
ms MS10-058
Last major update 17-09-2010 - 01:47
Published 11-08-2010 - 14:47
Last modified 30-10-2018 - 12:27
Back to Top