| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS10-099 | Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege (2440591) | Windows XP | Critical | 15-12-2010 |
Technical Information
Brief overview of the risk:
This security update addresses a privately reported vulnerability in the Routing and Remote Access NDProxy component of Microsoft Windows. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003.
Detailed Information on the risk:
An elevation of privilege vulnerability exists in the Routing and Remote Access NDProxy component of the Windows kernel due to improper validation of input passed from user mode to the kernel. The vulnerability could allow an attacker to run code with elevated privileges. A local attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system.
Further information on this exploit is available at : MS10-099
Affected Software
Windows XP Service Pack 3Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems