Windows OpenType Compact Font Format Memory Corruption Error Lets Local Users Gain Elevated Privileges
|
|
SecurityTracker Alert ID: 1024074 |
|
SecurityTracker URL: http://securitytracker.com/id/1024074
|
|
CVE Reference:
CVE-2010-0819
(Links to External Site)
|
Date: Jun 8 2010
|
Impact:
Root access via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 2000 SP4, 2003 SP2, Vista SP2, 2008 SP2, 2008 R2, XP SP3, 7; and prior service packs
|
Description:
A vulnerability was reported in Windows OpenType Compact Font Format processing. A local user can obtain elevated privileges on the target system.
A local user can run a specially crafted program to execute arbitrary code on the target system with kernel level privileges.
Chris Carton of Laserforce International reported this vulnerability via Secunia.
|
Impact:
A local user can obtain kernel level privileges on the target system.
|
Solution:
The vendor has issued the following fixes:
Microsoft Windows 2000 Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?familyid=5D645891-31E9-42C4-B12B-EB351473FD0C
Windows XP Service Pack 2 and Windows XP Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?familyid=B42A17C5-997E-4504-BA5B-BFA62166B460
Windows XP Professional x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=DC835B94-3368-4C1C-8F29-40517C73540E
Windows Server 2003 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=CA49B5B5-DB8E-4EBC-9A3C-B1ACE09AC3C0
Windows Server 2003 x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=B0794E7E-C925-4672-B7A5-4BB3F847F045
Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=6E76EBEA-BDE1-4352-A283-DD71C2CC51A1
Windows Vista Service Pack 1 and Windows Vista Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=363B503A-2E1E-4284-A029-9695D2ACFCB6
Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=3F512B86-3A99-47F7-A90E-1AE9B291385C
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=E78AD607-D209-48C4-B0F3-ED4C70993174
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=85F6FC5D-EFD1-4351-B4C0-B9B7080E6173
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=C6F1AAE5-E8FD-4121-89B2-B97C571E8223
Windows 7 for 32-bit Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=969AF8D6-F6DA-4DD1-A7D7-2DE54A5A8978
Windows 7 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=B069E5B2-AA2D-452E-B687-8734B5BA0051
Windows Server 2008 R2 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=45242C7C-3752-44BF-A766-024AD7D28F53
Windows Server 2008 R2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=0A271FB5-DA5B-4A17-9593-E56B9A843B8F
A restart is required.
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms10-037.mspx
|
Vendor URL: www.microsoft.com/technet/security/bulletin/ms10-037.mspx (Links to External Site)
|
Cause:
Access control error, Input validation error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 08 Jun 2010 19:09:20 +0000
Subject: http://www.microsoft.com/technet/security/bulletin/ms10-037.mspx
|
Microsoft Security Bulletin MS10-037 - Important: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege (980218)
CVE-2010-0819
|
|
