Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2010-1895

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, do not properly perform memory allocation before copying user-mode data to kernel mode, which allows local users to gain privileges via a crafted application, aka "Win32k Pool Overflow Vulnerability."

  • Published: Aug 11, 2010
  • Updated: Apr 13, 2023
  • CVE: CVE-2010-1895
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.2
  • AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs: