CVE-2010-2739

Microsoft Windows - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-2739. PoCs published by Arkon.

AI-analyzed exploit summary This exploit leverages a vulnerability in Windows clipboard handling (CVE-2010-2739) by manipulating DEVMODE and BITMAPINFOHEADER structures to trigger a memory corruption issue. The code sets a malicious clipboard format (CF_DIBV5) and attempts to read it as CF_PALETTE, leading to a potential privilege escalation or denial-of-service condition.

Description

Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2003 R2 Enterprise SP2, Vista Business SP1, Windows 7, and Server 2008 SP2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by performing a clipboard operation (GetClipboardData API function) with a crafted bitmap with a palette that contains a large number of colors.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Arkon · clocalwindows
https://www.exploit-db.com/exploits/14566

This exploit leverages a vulnerability in Windows clipboard handling (CVE-2010-2739) by manipulating DEVMODE and BITMAPINFOHEADER structures to trigger a memory corruption issue. The code sets a malicious clipboard format (CF_DIBV5) and attempts to read it as CF_PALETTE, leading to a potential privilege escalation or denial-of-service condition.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Windows (multiple versions)
No auth needed
Prerequisites: Local access to the target system
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (5)

Core 5

Scores

EPSS 0.0382
EPSS Percentile 88.7%

Details

CWE
CWE-119
Status published
Products (6)
microsoft/windows_2003_server
microsoft/windows_7
microsoft/windows_server_2003
microsoft/windows_server_2008
microsoft/windows_vista
microsoft/windows_xp
Published Sep 07, 2010
Tracked Since Feb 18, 2026