4.9
CVE-2010-1735
- EPSS 0.88%
- Published 06.05.2010 12:47:23
- Last modified 11.04.2025 00:51:21
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The SfnLOGONNOTIFY function in win32k.sys in the kernel in Microsoft Windows 2000, XP, and Server 2003 allows local users to cause a denial of service (system crash) via a 0x4c value in the second argument (aka the Msg argument) of a PostMessage function call for the DDEMLEvent window.
Data is provided by the National Vulnerability Database (NVD)
Microsoft ≫ Windows 2000 Update-
Microsoft ≫ Windows 2000 Updatebeta3
Microsoft ≫ Windows 2000 Updategold
Microsoft ≫ Windows 2000 Updaterc1
Microsoft ≫ Windows 2000 Updaterc2
Microsoft ≫ Windows 2000 Updatesp1
Microsoft ≫ Windows 2000 Updatesp2
Microsoft ≫ Windows 2000 Updatesp3
Microsoft ≫ Windows 2000 Updatesp4
Microsoft ≫ Windows 2000 Version-
Microsoft ≫ Windows 2003 Server Updategold
Microsoft ≫ Windows 2003 Server Updategold Editionitanium
Microsoft ≫ Windows 2003 Server Updategold Editionx64
Microsoft ≫ Windows 2003 Server Updater2 Editionx64
Microsoft ≫ Windows 2003 Server Updatesp1
Microsoft ≫ Windows 2003 Server Updatesp2
Microsoft ≫ Windows 2003 Server Updatesp2 Editionitanium
Microsoft ≫ Windows Server 2003 Update-
Microsoft ≫ Windows Server 2003 Updatesp1
Microsoft ≫ Windows Server 2003 Updatesp2
Microsoft ≫ Windows Xp Editionx86
Microsoft ≫ Windows Xp Updategold
Microsoft ≫ Windows Xp Updategold Editionembedded
Microsoft ≫ Windows Xp Updategold Editionmedia_center
Microsoft ≫ Windows Xp Updategold Editionprofessional
Microsoft ≫ Windows Xp Updategold Editiontablet_pc
Microsoft ≫ Windows Xp Updatesp1
Microsoft ≫ Windows Xp Updatesp1 Editionembedded
Microsoft ≫ Windows Xp Updatesp1 Editionmedia_center
Microsoft ≫ Windows Xp Updatesp1 Editionprofessional
Microsoft ≫ Windows Xp Updatesp1 Editiontablet_pc
Microsoft ≫ Windows Xp Updatesp2
Microsoft ≫ Windows Xp Updatesp2 Editionembedded
Microsoft ≫ Windows Xp Updatesp2 Editionmedia_center
Microsoft ≫ Windows Xp Updatesp2 Editionprofessional
Microsoft ≫ Windows Xp Updatesp2 Editiontablet_pc
Microsoft ≫ Windows Xp Updatesp2 Editionx86
Microsoft ≫ Windows Xp Updatesp3
Microsoft ≫ Windows Xp Updatesp3 Editionx86
Microsoft ≫ Windows Xp Version-
Microsoft ≫ Windows Xp Version- Updategold Edition64-bit-2002
Microsoft ≫ Windows Xp Version- Updategold Edition64-bit-2003
Microsoft ≫ Windows Xp Version- Updategold Editionhome
Microsoft ≫ Windows Xp Version- Updategold Editionx64
Microsoft ≫ Windows Xp Version- Updatesp1 Editionhome
Microsoft ≫ Windows Xp Version- Updatesp2 Editionhome
Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64
Microsoft ≫ Windows Xp Version- Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp3 Editionembedded
Microsoft ≫ Windows Xp Version- Updatesp3 Editionhome
Microsoft ≫ Windows Xp Version- Updatesp3 Editionmedia_center
Microsoft ≫ Windows Xp Version- Updatesp3 Editionprofessional
Microsoft ≫ Windows Xp Version- Updatesp3 Editiontablet_pc
Microsoft ≫ Windows Xp Versionsp3
Microsoft ≫ Windows Xp Versionsp3 Updateunknown Editionenglish
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.88% | 0.746 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 3.9 | 6.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.