4.6
CVSSv2

CVE-2010-1890

CVSSv4: NA | CVSSv3: NA | CVSSv2: 4.6 | VMScore: 560 | EPSS: 0.00043 | KEV: Not Included
Published: 11/08/2010 Updated: 21/11/2024

Vulnerability Summary

The kernel in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate ACLs on kernel objects, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Improper Validation Vulnerability."

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows 7

microsoft windows 7 -

microsoft windows server 2008

microsoft windows server 2008 -

microsoft windows vista

microsoft windows vista -

Exploits

Microsoft Windows nt!SeObjectCreateSaclAccessBits() missed ACE bounds checks ---------------------------------------------------------------------------- CVE-2010-1890 An ACE is an Access Control Entry, of which many may be attached to an ACL (Access Control List) On Windows, an ACL can be of type SACL or DACL (Discretionary vs System) The rout ...
Microsoft Windows suffers from missing ACE bounds checks in the routine nt!SeObjectCreateSaclAccessBits() Proof of concept code included ...