7.8

CVE-2010-1889

EPSS 0.94%
Published 11.08.2010 18:47:50
Last modified 11.04.2025 00:51:21
Source secure@microsoft.com
Teams watchlist Login
Open Login

Double free vulnerability in the kernel in Microsoft Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2, allows local users to gain privileges via a crafted application, related to object initialization during error handling, aka "Windows Kernel Double Free Vulnerability."

Affected products Warnungen 0 Metrics 3 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows Server 2008 Editionitanium

Microsoft ≫ Windows Server 2008 Editionx32

Microsoft ≫ Windows Server 2008 Editionx64

Microsoft ≫ Windows Server 2008 Updatesp2 Editionx32

Microsoft ≫ Windows Server 2008 Updatesp2 Editionx64

Microsoft ≫ Windows Server 2008 Version- Editionitanium

Microsoft ≫ Windows Server 2008 Version- Updatesp2 Editionitanium

Microsoft ≫ Windows Vista Updatesp1

Microsoft ≫ Windows Vista Updatesp2

Microsoft ≫ Windows Vista Version- Updatesp1

Microsoft ≫ Windows Vista Version- Updatesp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.94%	0.75

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

http://www.us-cert.gov/cas/techalerts/TA10-222A.html

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-047

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11044

https://nvd.nist.gov/vuln/detail/CVE-2010-1889

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-1889

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-1889

EUVD