Vulnerability CVE-2010-0819 - CERT Civis.Net

Vulnerability Name:

CVE-2010-0819 (CCN-58884)

Assigned:

2010-06-08

Published:

2010-06-08

Updated:

2018-10-30

Summary:

Unspecified vulnerability in the Windows OpenType Compact Font Format (CFF) driver in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users to execute arbitrary code via unknown vectors related to improper validation when copying data from user mode to kernel mode, aka "OpenType CFF Font Driver Memory Corruption Vulnerability."

CVSS v3 Severity:

9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Privileges

References:

Source: MITRE
Type: CNA
CVE-2010-0819

Source: CCN
Type: SA38176
Microsoft Windows OpenType Compact Font Format Driver Vulnerability

Source: CCN
Type: Microsoft Security Bulletin MS12-078
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2783534)

Source: CCN
Type: Microsoft Security Bulletin MS13-005
Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778930)

Source: CCN
Type: Microsoft Security Bulletin MS13-016
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2778344)

Source: CCN
Type: Microsoft Security Bulletin MS13-036
Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996)

Source: CCN
Type: Microsoft Security Bulletin MS13-046
Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2840221)

Source: CCN
Type: Microsoft Security Bulletin MS13-053
Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2850851)

Source: CCN
Type: Microsoft Security Bulletin MS13-076
Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege (2880407)

Source: CCN
Type: Microsoft Security Bulletin MS13-081
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008)

Source: CCN
Type: Microsoft Security Bulletin MS10-037
Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege (980218)

Source: CCN
Type: Microsoft Security Bulletin MS10-078
Vulnerability in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986)

Source: CCN
Type: Microsoft Security Bulletin MS10-091
Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Remote Code Execution (2296199)

Source: CCN
Type: Microsoft Security Bulletin MS11-007
Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)

Source: CCN
Type: Microsoft Security Bulletin MS11-032
Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2507618)

Source: BID
Type: UNKNOWN
40572

Source: CCN
Type: BID-40572
Microsoft Windows OpenType Compact Font Format Driver Local Privilege Escalation Vulnerability

Source: CERT
Type: US Government Resource
TA10-159B

Source: MS
Type: UNKNOWN
MS10-037

Source: XF
Type: UNKNOWN
win-opentype-cff-priv-escalation(58884)

Source: XF
Type: UNKNOWN
win-opentype-cff-priv-escalation(58884)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:7072

Vulnerable Configuration:

Configuration 1:

cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*

Configuration 2:

cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*

Configuration 3:

cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*

Configuration 4:

cpe:/o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*

Configuration 5:

cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*

Configuration 6:

cpe:/o:microsoft:windows_7:-:*:*:*:*:*:*:*

Configuration 7:

cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*

OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*

Configuration CCN 1:

cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp1:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows_7:-:-:*:*:ultimate_n:*:x64:*

OR cpe:/o:microsoft:windows_7:-:*:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*

OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:7072	V	OpenType CFF Font Driver Memory Corruption Vulnerability	2012-03-26