Vulnerability Description
The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka "Windows Kernel Exception Handler Vulnerability."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | - |
| Microsoft | Windows 7 | - |
| Microsoft | Windows XP | - |
References
- http://blogs.technet.com/msrc/archive/2010/01/20/security-advisory-979682-releas (Broken Link)
- http://lists.immunitysec.com/pipermail/dailydave/2010-January/006000.html (Broken Link)
- http://lock.cmpxchg8b.com/c0af0967d904cef2ad4db766a00bc6af/KiTrap0D.zip (Broken Link, Exploit)
- http://seclists.org/fulldisclosure/2010/Jan/341 (Exploit, Mailing List, Third Party Advisory)
- http://secunia.com/advisories/38265 (Broken Link, Vendor Advisory)
- http://securitytracker.com/id?1023471 (Broken Link, Third Party Advisory, VDB Entry)
- http://www.microsoft.com/technet/security/advisory/979682.mspx (Broken Link, Patch, Vendor Advisory)
- http://www.securityfocus.com/archive/1/509106/100/0/threaded (Broken Link, Third Party Advisory, VDB Entry)
- http://www.securityfocus.com/bid/37864 (Broken Link, Exploit, Third Party Advisory)
- http://www.us-cert.gov/cas/techalerts/TA10-040A.html (Third Party Advisory, US Government Resource)
- http://www.vupen.com/english/advisories/2010/0179 (Broken Link, Vendor Advisory)
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-01 (Patch, Vendor Advisory)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55742 (Third Party Advisory, VDB Entry)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3 (Broken Link)
FAQ
What is CVE-2010-0232?
CVE-2010-0232 is a vulnerability with a CVSS score of 7.8 (HIGH). The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold an...
How severe is CVE-2010-0232?
CVE-2010-0232 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0232?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows 7, Microsoft Windows XP.