CVE-2010-0819: Input Validation
First published: Tue Jun 08 2010(Updated: )
Unspecified vulnerability in the Windows OpenType Compact Font Format (CFF) driver in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users to execute arbitrary code via unknown vectors related to improper validation when copying data from user mode to kernel mode, aka "OpenType CFF Font Driver Memory Corruption Vulnerability."
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 2000 | =sp4 | |
| Microsoft Windows XP | =sp2 | |
| Microsoft Windows XP | =sp3 | |
| Microsoft Windows XP | =sp2 | |
| Microsoft Windows Server 2003 | =sp2 | |
| Microsoft Windows Server 2003 | =sp2 | |
| Microsoft Windows Server 2003 | =sp2 | |
| Microsoft Windows Vista | =sp1 | |
| Microsoft Windows Vista | =sp2 | |
| Microsoft Windows Vista | =sp1 | |
| Microsoft Windows Vista | =sp2 | |
| Microsoft Windows Server | ||
| Microsoft Windows Server | ||
| Microsoft Windows Server | ||
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows 7 | ||
| Microsoft Windows Server | =r2 | |
| Microsoft Windows Server | =r2 | |
| Microsoft Windows Vista | =sp2 | |
| Microsoft Windows Vista | =sp1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.us-cert.gov/cas/techalerts/TA10-159B.html
- http://www.securityfocus.com/bid/40572
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58884
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7072
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-037
Frequently Asked Questions
What is the severity of CVE-2010-0819?
CVE-2010-0819 is classified as a critical vulnerability due to its ability to allow local users to execute arbitrary code.
How do I fix CVE-2010-0819?
To fix CVE-2010-0819, ensure that your operating system is updated with the latest security patches provided by Microsoft.
What operating systems are affected by CVE-2010-0819?
CVE-2010-0819 affects Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Windows 7.
What does CVE-2010-0819 vulnerability allow attackers to do?
CVE-2010-0819 allows local users to execute arbitrary code on affected systems.
Is there a known exploit for CVE-2010-0819?
There is currently no publicly available exploit for CVE-2010-0819, but the vulnerability remains critical due to its potential impact.
- agent/type
- agent/references
- agent/weakness
- agent/description
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-historical
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft windows 2000
- version/microsoft windows 2000/sp4
- canonical/microsoft windows xp
- version/microsoft windows xp/sp2
- version/microsoft windows xp/sp3
- canonical/microsoft windows server 2003
- version/microsoft windows server 2003/sp2
- canonical/microsoft windows vista
- version/microsoft windows vista/sp1
- version/microsoft windows vista/sp2
- canonical/microsoft windows server
- version/microsoft windows server/sp2
- canonical/microsoft windows 7
- version/microsoft windows server/r2