Memory Allocation Vulnerability in Microsoft Windows Products
CVE-2010-0236

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2000
Vendor: CVE Published:; 14 April 2010

What is CVE-2010-0236?

The Windows operating system kernels in several versions do not appropriately allocate memory for destination keys associated with symbolic-link registry keys. This flaw can be exploited by local users through specially crafted applications to escalate privileges, potentially leading to unauthorized access and modification of system resources. The affected versions include Windows 2000 SP4, Windows XP SP2/SP3, Windows Server 2003 SP2, and Vista Gold, highlighting a critical security risk for systems still operating on these versions.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.us-cert.gov/cas/techalerts/TA10-103A.html

third-party-advisoryx_refsource_CERT

Timeline

Vulnerability published
Apr 14, 2010
Vulnerability Reserved
Jan 7, 2010