Executive Summary
Summary | |
---|---|
Title | Vulnerability in Windows Shell Handler Could Allow Remote Code Execution (975713) |
Informations | |||
---|---|---|---|
Name | MS10-007 | First vendor Publication | 2010-02-09 |
Vendor | Microsoft | Last vendor Modification | 2010-02-09 |
Severity (Vendor) | Critical | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.0 February 9, 2010): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft Windows 2000, Windows XP, and Windows Server 2003. Other versions of Windows are not impacted by this security update. The vulnerability could allow remote code execution if an application, such as a Web browser, passes specially crafted data to the ShellExecute API function through the Windows Shell Handler. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS10-007.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:8464 | |||
Oval ID: | oval:org.mitre.oval:def:8464 | ||
Title: | URL Validation Vulnerability | ||
Description: | The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a crafted URL, aka "URL Validation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0027 | Version: | 12 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-02-10 | Name : Microsoft Windows Shell Handler Could Allow Remote Code Execution Vulnerabili... File : nvt/secpod_ms10-007.nasl |
2010-01-22 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (978207) File : nvt/secpod_ms10-002.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
62245 | Microsoft Windows Shell Handler ShellExecute API Crafted URL Arbitrary Comman... |
61909 | Microsoft IE Unspecified Crafted URL Handling Arbitrary Code Execution |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2010-02-18 | IAVM : 2010-A-0029 - Microsoft Windows Shell Handler Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0022683 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-10-03 | Microsoft Windows Shell Handler remote code execution attempt RuleID : 44218 - Revision : 1 - Type : OS-WINDOWS |
2017-10-03 | Microsoft Windows Shell Handler remote code execution attempt RuleID : 44217 - Revision : 1 - Type : OS-WINDOWS |
2017-10-03 | Microsoft Windows Shell Handler remote code execution attempt RuleID : 44216 - Revision : 1 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows Shell Handler remote code execution attempt RuleID : 16414 - Revision : 14 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-02-09 | Name : An API function on the remote host has a code execution vulnerability. File : smb_nt_ms10-007.nasl - Type : ACT_GATHER_INFO |
2009-01-21 | Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_nt_ms10-002.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-04-26 22:58:33 |
|
2014-02-17 11:46:27 |
|
2014-01-19 21:30:26 |
|
2013-11-11 12:41:15 |
|