VYPR
Unrated severityNVD Advisory· Published Feb 10, 2010· Updated Jun 16, 2026

CVE-2010-0023

CVE-2010-0023

Description

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sensitive information or gain privileges via a crafted application that continues to execute throughout the logout of one user and the login session of the next user, aka "CSRSS Local Privilege Elevation Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
  • Range: 2000 SP4, XP SP2/SP3, Server 2003 SP2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.