 |
|
|
|
| Microsoft Windows Tracing Feature for Services security vulnerabilities | | Published: |  | 11.08.2010 | | Source: |  | MICROSOFT | | SecurityVulns ID: |  | 11057 | | Type: |  | local | | Level: |  | 5/10 | | Description: |  | Weak permissions on registry keys, buffer overflow on registry keys reading. |
| Affected: |  | MICROSOFT : Windows Vista | | | | MICROSOFT : Windows 2008 Server | | | | MICROSOFT : Windows 7 | | CVE: |  | CVE-2010-2555 (The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the length of strings in the registry, which allows local users to gain privileges or cause a denial of service (memory corruption) via vectors involving a long string, aka "Tracing Memory Corruption Vulnerability.") | | | | CVE-2010-2554 (The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and impersonation, aka "Tracing Registry Key ACL Vulnerability.") |
|
|
|
|
|
|
|
|
