ByteOS Network

CVE Vulnerability Details :

CVE-2010-3957

PUBLISHED

More Info Official Page

Assigner-microsoft

Assigner Org ID-f38d906d-7342-40ea-92c1-6c4a2c6478c8

Published At-16 Dec, 2010 | 19:00

Updated At-21 Jan, 2025 | 17:35

▼CVE Numbering Authority (CNA)

Double free vulnerability in the OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted OpenType font, aka "OpenType Font Double Free Vulnerability."

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://www.us-cert.gov/cas/techalerts/TA10-348A.html	third-party-advisory x_refsource_CERT
http://www.securitytracker.com/id?1024873	vdb-entry x_refsource_SECTRACK
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12329	vdb-entry signature x_refsource_OVAL
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-091	vendor-advisory x_refsource_MS

Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-348A.html

Resource:

third-party-advisory

x_refsource_CERT

Hyperlink: http://www.securitytracker.com/id?1024873

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12329

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-091

Resource:

vendor-advisory

x_refsource_MS

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
http://www.us-cert.gov/cas/techalerts/TA10-348A.html	third-party-advisory x_refsource_CERT x_transferred
http://www.securitytracker.com/id?1024873	vdb-entry x_refsource_SECTRACK x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12329	vdb-entry signature x_refsource_OVAL x_transferred
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-091	vendor-advisory x_refsource_MS x_transferred

Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-348A.html

Resource:

third-party-advisory

x_refsource_CERT

x_transferred

Hyperlink: http://www.securitytracker.com/id?1024873

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12329

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-091

Resource:

vendor-advisory

x_refsource_MS

x_transferred

2. CISA ADP Vulnrichment

Problem Types

Type	CWE ID	Description
CWE	CWE-415	CWE-415 Double Free

Type: CWE

CWE ID: CWE-415

Description: CWE-415 Double Free

Metrics

Version	Base score	Base severity	Vector
3.1	7.3	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 7.3

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References