OSVDB ID: 66979

Title: Microsoft Windows win32k.sys Driver GreStretchBltInternal() Handling Local DoS

Info

Disclosure

Aug 10, 2010

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Aug 10, 2010

Description

Microsoft Windows contains a flaw that may allow a local, authenticated attacker to cause a denial of service. The issue is triggered when the 'hbmpItem' member of the 'MENUITEMINFO' structure in the 'xxxRealDrawMenuItem()' function is not properly validated, and will result in loss of availability for the platform.

Classification

Location: Local Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Patch / RCS
Exploit: Exploit Public
Disclosure: Vendor Verified
OSVDB: Authentication Required

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

Microsoft Corporation	Windows XP	SP3
	Windows XP	Professional x64 Edition SP2
	Windows Vista	SP1
		SP2
		x64 Edition SP1
		x64 Edition SP2
	Windows Server 2008	SP2
		for Itanium-based Systems
		SP0
		for Itanium-based Systems SP2
	Windows Server 2003	SP2
		x64 Edition SP2
		with SP2 for Itanium-based Systems
	Windows Server 2008 R2	for Itanium-based Systems
	Windows Server 2008 R2	for x64-based Systems
	Windows 7	SP0

References

Exploit Database: 14669
CVE ID: 2010-1887 (see also: NVD)
Microsoft Knowledge Base Article: 2160329
Secunia Advisory ID: 40878 41029
Related OSVDB ID: 66980 66981 66982 66983
Microsoft Security Bulletin: MS10-048

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/66979

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Windows XP

Windows Vista

Windows Server 2008

Windows Server 2003

Windows Server 2008 R2

Windows 7

References

Credit