9.3

CVE-2010-1885

Exploit
The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist (fromHCP option) and execute arbitrary commands via a crafted hcp:// URL, aka "Help Center URL Validation Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftWindows 2003 Server Updatesp2 Editionitanium
MicrosoftWindows Xp Updatesp2
MicrosoftWindows Xp Updatesp3
MicrosoftWindows Xp Version- Updatesp2 Editionx64
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 75.46% 0.995
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

http://www.us-cert.gov/cas/techalerts/TA10-194A.html
US Government Resource
http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0197.html
Exploit
http://blogs.technet.com/b/msrc/archive/2010/06/10/windows-help-vulnerability-disclosure.aspx
http://blogs.technet.com/b/srd/archive/2010/06/10/help-and-support-center-vulnerability-full-disclosure-posting.aspx
Vendor Advisory
http://secunia.com/advisories/40076
Vendor Advisory
http://www.exploit-db.com/exploits/13808
http://www.kb.cert.org/vuls/id/578319
US Government Resource
http://www.microsoft.com/technet/security/advisory/2219475.mspx
Vendor Advisory
http://www.securityfocus.com/archive/1/511774/100/0/threaded
http://www.securityfocus.com/archive/1/511783/100/0/threaded
http://www.securityfocus.com/bid/40725
Exploit
http://www.securitytracker.com/id?1024084
http://www.vupen.com/english/advisories/2010/1417
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-042
https://exchange.xforce.ibmcloud.com/vulnerabilities/59267
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11733