CVE-2010-1891

CVE-2010-1891 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

The Client/Server Runtime Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2, when a Chinese, Japanese, or Korean locale is enabled, does not properly allocate memory for transactions, which allows local users to gain privileges via a crafted application, aka "CSRSS Local Elevation of Privilege Vulnerability."

Learn more about our Cis Benchmark Audit For Server Software.