CVE-2010-2739

Microsoft Windows - Buffer Overflow

Title source: llm

Description

Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2003 R2 Enterprise SP2, Vista Business SP1, Windows 7, and Server 2008 SP2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by performing a clipboard operation (GetClipboardData API function) with a crafted bitmap with a palette that contains a large number of colors.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Arkon · clocalwindows

https://www.exploit-db.com/exploits/14566

View Code ZIP pw:eip

References (5)

[Vendor Advisory] http://blogs.technet.com/b/msrc/archive/2010/08/10/update-on-the-publicly-disclosed-win32k-sys-eop-vulnerability.aspx

[Vendor Advisory] http://secunia.com/advisories/40870

[Exploit] http://www.ragestorm.net/blogs/?p=255

[Vendor Advisory] http://www.vupen.com/english/advisories/2010/2029

[Vendor Advisory] https://msrc.microsoft.com/blog/2010/08/update-on-the-publicly-disclosed-win32k-sys-eop-vulnerability/

Scores

EPSS 0.0089

EPSS Percentile 75.6%

Details

CWE

CWE-119

Status published

Products (6)

microsoft/windows_2003_server

microsoft/windows_7

microsoft/windows_server_2003

microsoft/windows_server_2008

microsoft/windows_vista

microsoft/windows_xp

Published Sep 07, 2010

Tracked Since Feb 18, 2026