Home

CVE-2010-2743

Description

The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm, aka Win32k Keyboard Layout Vulnerability. NOTE: this might be a duplicate of CVE-2010-3888 or CVE-2010-3889.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C
EPSS Score
Exploitation Probability
8.884

Associated Vulnerability

VulnerabilityOS Platform
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows XP (KB981957)Windows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows Server 2003 (KB981957)Windows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows Vista (KB981957) x86 based systemsWindows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows Vista (KB981957) x86 based systems for SP2Windows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows Server 2008 (KB981957) x86 based systemsWindows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows Server 2008 (KB981957) x86 based systems for SP2Windows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows 7 (KB981957)Windows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows XP x64 Edition (KB981957)Windows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows Server 2003 x64 Edition (KB981957)Windows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows Vista for x64-based Systems (KB981957)Windows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows Vista for x64-based Systems (KB981957) for SP2Windows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows Server 2008 x64 Edition (KB981957)Windows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows Server 2008 x64 Edition (KB981957) for SP2Windows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows 7 for x64-based Systems (KB981957)Windows
ms10-073: vulnerabilities in windows kernel-mode drivers could allow elevation of privilege for Windows Server 2008 R2 x64 Edition (KB981957)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-9254Security Update for Windows Vista (KB981957)
PATCH-9256Security Update for Windows Server 2008 (KB981957)
PATCH-9257Security Update for Windows 7 (KB981957)
PATCH-9261Security Update for Windows Vista for x64-based Systems (KB981957)
PATCH-9263Security Update for Windows Server 2008 x64 Edition (KB981957)
PATCH-9264Security Update for Windows 7 for x64-based Systems (KB981957)
PATCH-9265Security Update for Windows Server 2008 R2 x64 Edition (KB981957)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234