Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-1735

CWE-20Improper Input Validation5 documents4 sources
Severity
4.9MEDIUM
EPSS
0.9%
top 24.72%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Windows XP
Timeline
PublishedMay 6
Latest updateMay 13

Description

The SfnLOGONNOTIFY function in win32k.sys in the kernel in Microsoft Windows 2000, XP, and Server 2003 allows local users to cause a denial of service (system crash) via a 0x4c value in the second argument (aka the Msg argument) of a PostMessage function call for the DDEMLEvent window.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-w766-jw89-5224: The SfnLOGONNOTIFY function in win32k2022-05-13
CVEList
CVE-2010-1735: The SfnLOGONNOTIFY function in win32k2010-05-05

💥Exploits & PoCs

2
Exploit-DB
Blackmoon FTP 3.1 Build 1735/1736 - Denial of Service2011-01-13
Exploit-DB
Microsoft Windows XP/2000/2003 - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service2010-04-22
CVE-2010-1735 (MEDIUM CVSS 4.9) | The SfnLOGONNOTIFY function in win3 | cvebase.io