Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2010-3228 | First vendor Publication | 2010-10-13 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms does not properly perform optimizations, which allows remote attackers to execute arbitrary code via a crafted .NET application that triggers memory corruption, aka ".NET Framework x64 JIT Compiler Vulnerability." |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3228 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:6824 | |||
| Oval ID: | oval:org.mitre.oval:def:6824 | ||
| Title: | .NET Framework x64 JIT Compiler Vulnerability | ||
| Description: | The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms does not properly perform optimizations, which allows remote attackers to execute arbitrary code via a crafted .NET application that triggers memory corruption, aka ".NET Framework x64 JIT Compiler Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3228 | Version: | 10 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft .NET Framework |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 68556 | Microsoft .NET Framework x64 JIT Compiler Unprivileged Application Remote Cod... Microsoft .NET Framework contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to an unspecified error in the JIT compiler while optimizing code, which can be exploited to corrupt memory when a user visits a web page hosting a specially crafted XBAP (XAML browser application). |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft .NET framework EntityObject execution attempt RuleID : 18064 - Revision : 8 - Type : BROWSER-PLUGINS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-10-13 | Name : The version of the .NET Framework installed on the remote host allows arbitra... File : smb_nt_ms10-077.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:07:24 |
|
| 2024-11-28 12:22:48 |
|
| 2024-08-02 12:14:21 |
|
| 2024-08-02 01:03:54 |
|
| 2024-02-02 01:13:56 |
|
| 2024-02-01 12:03:49 |
|
| 2023-12-07 21:28:03 |
|
| 2023-09-05 12:12:58 |
|
| 2023-09-05 01:03:41 |
|
| 2023-09-02 12:13:02 |
|
| 2023-09-02 01:03:43 |
|
| 2023-08-12 12:15:30 |
|
| 2023-08-12 01:03:43 |
|
| 2023-08-11 12:13:05 |
|
| 2023-08-11 01:03:51 |
|
| 2023-08-06 12:12:35 |
|
| 2023-08-06 01:03:45 |
|
| 2023-08-04 12:12:40 |
|
| 2023-08-04 01:03:46 |
|
| 2023-07-14 12:12:37 |
|
| 2023-07-14 01:03:44 |
|
| 2023-03-29 01:14:27 |
|
| 2023-03-28 12:03:50 |
|
| 2022-10-11 12:11:15 |
|
| 2022-10-11 01:03:31 |
|
| 2020-11-24 12:06:16 |
|
| 2020-05-23 00:26:23 |
|
| 2019-02-26 17:19:34 |
|
| 2018-10-31 00:20:06 |
|
| 2018-10-13 00:22:59 |
|
| 2018-09-20 12:08:28 |
|
| 2017-09-19 09:23:55 |
|
| 2016-09-30 01:02:31 |
|
| 2016-08-05 12:02:36 |
|
| 2016-06-29 00:14:47 |
|
| 2016-04-26 20:03:50 |
|
| 2014-02-17 10:57:10 |
|
| 2014-01-19 21:27:06 |
|
| 2013-05-10 23:31:43 |
|
