Denial of Service Vulnerability in Microsoft Windows 2000, XP, and Server 2003
CVE-2010-1734

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows 2003 Server
Windows Xp
Windows 2000
Windows Server 2003
Vendor
CVE Published:
6 May 2010

What is CVE-2010-1734?

The SfnINSTRING function within the win32k.sys component of Microsoft Windows 2000, XP, and Server 2003 is susceptible to a denial of service vulnerability. This issue arises when local users invoke a PostMessage function call for the DDEMLEvent window, leveraging an improper 0x18d value in the Msg argument. Such exploitation can result in a system crash, disrupting service continuity and affecting overall system stability.

References

http://www.securityfocus.com/bid/39631
vdb-entryx_refsource_BID
http://secunia.com/advisories/39456
third-party-advisoryx_refsource_SECUNIA
http://vigilance.fr/vulnerability/Windows-denials-of-serv...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2010-1734 : Denial of Service Vulnerability in Microsoft Windows 2000, XP, and Server 2003