Windows Kernel Symbolic Link Privilege Escalation in Microsoft Products
CVE-2010-0237

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2000
Vendor: CVE Published:; 14 April 2010

What is CVE-2010-0237?

This vulnerability in the Windows kernel allows local users to exploit a weakness by creating a symbolic link from an untrusted registry hive to a trusted registry hive. By leveraging this flaw, attackers can escalate their privileges within the system, potentially executing unauthorized actions and accessing sensitive resources. Affected systems include Microsoft Windows 2000 SP4 and Windows XP SP2 and SP3.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.us-cert.gov/cas/techalerts/TA10-103A.html

third-party-advisoryx_refsource_CERT

Timeline

Vulnerability published
Apr 14, 2010
Vulnerability Reserved
Jan 7, 2010