Executive Summary
Summary | |
---|---|
Title | Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149) |
Informations | |||
---|---|---|---|
Name | MS10-074 | First vendor Publication | 2010-10-12 |
Vendor | Microsoft | Last vendor Modification | 2010-10-12 |
Severity (Vendor) | Moderate | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.0 (October 12, 2010): Bulletin published.Summary: This security update resolves a publicly disclosed vulnerability in the Microsoft Foundation Class (MFC) Library. The vulnerability could allow remote code execution if a user is logged on with administrative user rights and opens an application built with the MFC Library. An attacker who successfully exploited this vulnerability could obtain the same permissions as the currently logged-on user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS10-074.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 | |
Os | 1 | |
Os | 2 | |
Os | 2 | |
Os | 2 |
OpenVAS Exploits
Date | Description |
---|---|
2010-10-13 | Name : Microsoft Foundation Classes Could Allow Remote Code Execution Vulnerability ... File : nvt/secpod_ms10-074.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68585 | Microsoft Foundation Classes (MFC) Library Window Title Handling Remote Overflow Microsoft Foundation Classes Library is prone to an overflow condition. The 'UpdateFrameTitleForDocument' method in the 'CFrameWnd' class in 'mfc42.dll' fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted long window title, a context-dependent attacker can potentially execute arbitrary code. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2010-10-14 | IAVM : 2010-B-0091 - Microsoft Foundation Classes Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0025532 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-11-02 | ZIP file name overflow attempt RuleID : 44473 - Revision : 2 - Type : FILE-OTHER |
2014-01-10 | ZIP file name overflow attempt RuleID : 21484 - Revision : 18 - Type : FILE-OTHER |
2014-01-10 | Microsoft Windows MFC Document title updating buffer overflow attempt RuleID : 19212 - Revision : 7 - Type : EXPLOIT |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-10-13 | Name : It is possible to execute arbitrary code on the remote Windows host through t... File : smb_nt_ms10-074.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:46:42 |
|
2013-11-11 12:41:18 |
|