Published: 06/05/2010 Updated: 07/07/2021
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
VMScore: 495
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

The SfnLOGONNOTIFY function in win32k.sys in the kernel in Microsoft Windows 2000, XP, and Server 2003 allows local users to cause a denial of service (system crash) via a 0x4c value in the second argument (aka the Msg argument) of a PostMessage function call for the DDEMLEvent window.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows 2000 -

microsoft windows 2000

microsoft windows xp -

microsoft windows xp

microsoft windows 2003 server

microsoft windows server 2003

microsoft windows xp sp3


/* Windows 2000/XP/2003 win32ksys SfnLOGONNOTIFY local kernel Denial of Service Vulnerability Effect : Microsoft Windows 2000/XP/2003 full patch Author:MJ0011 Published: 2010-04-22 Vulnerability Details: Win32ksys in DispatchMessage when the last call to xxxDefWindowProc, this function in dealing with some Message, will call gapfnScSend ...