Vulnerability in N/a
CVE-2010-0232
The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applicatio…
EPSS: 0.755 (98.9th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
CISA KEV (Known Exploited Vulnerabilities)
This CVE is on the CISA KEV catalog, added on . CISA KEV inclusion means CISA has confirmed in-the-wild exploitation; US federal agencies are required to remediate within a published due date.
BOD 22-01 due date: .
Required action: Apply updates per vendor instructions.
Public proof-of-concept exploits
References
- [dailydave] 20100119 We hold these axioms to be self evident (mailing-list, x_refsource_MLIST)
- lock.cmpxchg8b.com/c0af0967d904cef2ad4db766a00bc6af/KiTrap0D.zip (x_refsource_MISC)
- blogs.technet.com/msrc/archive/2010/01/20/security-advisory-979682-released.aspx (x_refsource_CONFIRM)
- MS10-015 (x_refsource_MS, vendor-advisory)
- www.microsoft.com/technet/security/advisory/979682.mspx (x_refsource_CONFIRM)
- TA10-040A (x_refsource_CERT, third-party-advisory)
- 1023471 (vdb-entry, x_refsource_SECTRACK)
- 20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack (mailing-list, x_refsource_FULLDISC)
- ADV-2010-0179 (vdb-entry, x_refsource_VUPEN)
- 37864 (vdb-entry, x_refsource_BID)
Frequently asked questions
- What is CVE-2010-0232?
- CVE-2010-0232 is a vulnerability in N/a. Published 2010-01-21.
- Is CVE-2010-0232 known to be exploited?
- Yes. CVE-2010-0232 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2022-03-03), indicating it is being actively exploited. 21 public proof-of-concept repositories are indexed.