Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-0233

4 documents4 sources

Severity

7.2HIGH

EPSS

0.4%

top 40.36%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Windows 2000 Microsoft Windows Server 2008 Microsoft Windows Vista +1 more

Timeline

PublishedFeb 10

Latest updateMay 2

Description

Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application, aka "Windows Kernel Double Free Vulnerability."

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages4 packages

▶NVDmicrosoft/windows_2000sp4

▶NVDmicrosoft/windows_vistasp1, sp2+1

▶NVDmicrosoft/windowssp2

▶NVDmicrosoft/windows_xpsp3

🔴Vulnerability Details

GHSA

GHSA-xxv4-g7pv-f62m: Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold↗2022-05-02

▶

CVEList

CVE-2010-0233: Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold↗2010-02-10

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows XP/Vista/2000/2003 - Double-Free Memory Corruption Privilege Escalation↗2010-02-09

▶