Home

CVE-2010-1891

Description

The Client/Server Runtime Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2, when a Chinese, Japanese, or Korean locale is enabled, does not properly allocate memory for transactions, which allows local users to gain privileges via a crafted application, aka CSRSS Local Elevation of Privilege Vulnerability.

Risk Information

Base Score
6.2
MODERATE
Vector
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.43

Associated Vulnerability

VulnerabilityOS Platform
Security Update for Windows XP (KB2121546)Windows
Security Update for Windows Server 2003 (KB2121546)Windows
Security Update for Windows XP x64 Edition (KB2121546)Windows
Security Update for Windows Server 2003 x64 Edition (KB2121546)Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234