CVE-2010-2739 Information

Description

Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3 Server 2003 R2 Enterprise SP2 Vista Business SP1 Windows 7 and Server 2008 SP2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by performing a clipboard operation (GetClipboardData API function) with a crafted bitmap with a palette that contains a large number of colors.

Reference

http://blogs.technet.com/b/msrc/archive/2010/08/10/update-on-the-publicly-disclosed-win32k-sys-eop-vulnerability.aspx http://secunia.com/advisories/40870 http://www.ragestorm.net/blogs/?p=255 http://www.vupen.com/english/advisories/2010/2029