What is the severity of CVE-2010-1255?

CVE-2010-1255 has a severity rating of critical due to its ability to allow local users to execute arbitrary code.

How do I fix CVE-2010-1255?

To fix CVE-2010-1255, users should update their Microsoft Windows operating system to the latest security patches provided by Microsoft.

What is the impact of CVE-2010-1255 on affected systems?

CVE-2010-1255 can potentially allow an attacker to take full control of the affected system, compromising system integrity and confidentiality.

What versions of Windows are affected by CVE-2010-1255?

CVE-2010-1255 affects various versions including Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Windows 7, and Server 2008 R2.

Is there a workaround for CVE-2010-1255 if I cannot apply the patch?

There is currently no known workaround for CVE-2010-1255; the best mitigation is to apply security updates as they become available.

Vulnerability/
CVE-2010-1255

medium

6.8

CWE

8/6/2010

7/8/2024

CVE-2010-1255: Code Injection

First published: Tue Jun 08 2010(Updated: )

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 allows local users to execute arbitrary code via vectors related to "glyph outline information" and TrueType fonts, aka "Win32k TrueType Font Parsing Vulnerability."

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows 2000	=sp4
Microsoft Windows XP	=sp2
Microsoft Windows XP	=sp3
Microsoft Windows XP	=sp2
Microsoft Windows Server 2003	=sp2
Microsoft Windows Server 2003	=sp2
Microsoft Windows Server 2003	=sp2
Microsoft Windows Vista	=sp1
Microsoft Windows Vista	=sp2
Microsoft Windows Vista	=sp1
Microsoft Windows Vista	=sp2
Microsoft Windows Server
Microsoft Windows Server
Microsoft Windows Server
Microsoft Windows Server	=sp2
Microsoft Windows Server	=sp2
Microsoft Windows Server	=sp2
Microsoft Windows 7
Microsoft Windows Server	=r2
Microsoft Windows Server	=r2
Microsoft Windows Vista	=sp2
Microsoft Windows Vista	=sp1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-1255?
CVE-2010-1255 has a severity rating of critical due to its ability to allow local users to execute arbitrary code.
How do I fix CVE-2010-1255?
To fix CVE-2010-1255, users should update their Microsoft Windows operating system to the latest security patches provided by Microsoft.
What is the impact of CVE-2010-1255 on affected systems?
CVE-2010-1255 can potentially allow an attacker to take full control of the affected system, compromising system integrity and confidentiality.
What versions of Windows are affected by CVE-2010-1255?
CVE-2010-1255 affects various versions including Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Windows 7, and Server 2008 R2.
Is there a workaround for CVE-2010-1255 if I cannot apply the patch?
There is currently no known workaround for CVE-2010-1255; the best mitigation is to apply security updates as they become available.

agent/references
agent/type
agent/severity
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
agent/author
agent/softwarecombine
agent/tags
collector/nvd-api
agent/software-canonical-lookup-request
collector/nvd-historical
collector/nvd-index
vendor/microsoft
canonical/microsoft windows 2000
version/microsoft windows 2000/sp4
canonical/microsoft windows xp
version/microsoft windows xp/sp2
version/microsoft windows xp/sp3
canonical/microsoft windows server 2003
version/microsoft windows server 2003/sp2
canonical/microsoft windows vista
version/microsoft windows vista/sp1
version/microsoft windows vista/sp2
canonical/microsoft windows server
version/microsoft windows server/sp2
canonical/microsoft windows 7
version/microsoft windows server/r2