Description
An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 does not validate arguments, which allows local users to cause a denial of service (system crash) via a crafted application.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/56591
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1023656
Various Sources x_refsource_misc
http://www.scmagazineus.com/malta-researchers-find-windows-bug-that-crashes-pcs/article/164439/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/62660
Scores
EPSS
0.0184
EPSS Percentile
76.4%
Details
CWE
CWE-20
Status
published
Products (6)
microsoft/windows_2000
microsoft/windows_2003_server
microsoft/windows_7
microsoft/windows_server_2008
(2 CPE variants)
microsoft/windows_vista
microsoft/windows_xp
Published
Feb 26, 2010
Tracked Since
Feb 18, 2026