Microsoft Windows Color Control Panel Privilege Escalation Vulnerability Network Vulnerability

Summary

Microsoft Windows Server 2008 SP2 is prone to privilege escalation vulnerability. This NVT has been replaced by NVT secpod_ms12-012.nasl (OID:1.3.6.1.4.1.25623.1.0.902791).

Impact

Successful attempt could allow local attackers to bypass security restrictions and gain the privileges. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms12-012

Insight

The flaw is due to an error in the Color Control Panel, which allows attackers to gain privileges via a Trojan horse sti.dll file in the current working directory.

Affected

Microsoft Windows Server 2008 SP2

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5082
http://shinnai.altervista.org/exploits/SH-006-20100914.html
http://www.koszyk.org/b/archives/82

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-5082

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Flash Player Arbitrary Code Execution Vulnerability (Linux)
Adobe AIR Security Bypass Vulnerability Jan14 (Windows)
Adobe AIR Multiple Vulnerabilities-01 Jan15 (Windows)
Adobe Air Multiple Vulnerabilities - December12 (Windows)
Adobe Acrobat Multiple Vulnerabilities - Mac OS X

Take action and discover your vulnerabilities