CVE-2010-3963

high

Description

Buffer overflow in the Routing and Remote Access NDProxy component in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, related to the Routing and Remote Access service (RRAS) and improper copying from user mode to the kernel, aka "Kernel NDProxy Buffer Overflow Vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12461

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-099

http://www.vupen.com/english/advisories/2010/3221

http://www.us-cert.gov/cas/techalerts/TA10-348A.html

http://www.securitytracker.com/id?1024881

http://www.securityfocus.com/bid/45269

http://secunia.com/advisories/42613

http://osvdb.org/69823

Details

Source: Mitre, NVD

Published: 2010-12-16

Updated: 2019-02-26

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High