Executive Summary

Summary
Title Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2385678)
Information
Name: MS10-095
First vendor Publication: 2010-12-14
Vendor: Microsoft
Last vendor Modification: 2010-12-14
Severity (Vendor): Important
Revision: 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact SubScore: NA
Temporal Score: NA
Exploitability Sub Score: NA
 

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score: 9.3
Attack Range: Network
Cvss Impact Score: 10
Attack Complexity: Medium
Cvss Exploit Score: 8.6
Authentication: None Required

Detail

Revision Note: V1.0 (December 14, 2010): Bulletin published.

Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a file type such as .eml and .rss (Windows Live Mail) or .wpost (Microsoft Live Writer) located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/MS10-095.mspx

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12163
 
Oval ID: oval:org.mitre.oval:def:12163
Title: BranchCache Insecure Library Loading Vulnerability
Description: Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCache is supported, allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an EML file, an RSS file, or a WPOST file, aka "BranchCache Insecure Library Loading Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3966
Version: 6
Platform(s): Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

Type Description Count
Os 1
Os 2

OpenVAS Exploits

Date Description
2010-12-15 Name : Microsoft Windows BranchCache Remote Code Execution Vulnerability (2385678)
File : nvt/secpod_ms10-095.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
69816 Microsoft Windows BranchCache Path Subversion Arbitrary DLL Injection Code Ex...

Microsoft Windows contains a flaw related to certain applications insecurely loading a BranchCache DLL library. The issue is triggered when a context-dependent attacker tricks a user into opening a '.eml', '.rss' or '.wpost' file, allowing the execution of arbitrary code.

Snort® IPS/IDS

Date Description
2016-03-14 Microsoft Windows wininet request for peerdistsvc.dll over SMB attempt
RuleID : 36805 - Revision : 3 - Type : OS-WINDOWS
2016-03-14 Microsoft Windows wininet peerdistsvc.dll dll-load exploit attempt
RuleID : 36804 - Revision : 3 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows wininet peerdist.dll dll-load exploit attempt
RuleID : 18209 - Revision : 13 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows wininet peerdist.dll dll-load exploit attempt
RuleID : 18208 - Revision : 14 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

Date Description
2010-12-15 Name : Arbitrary code can be executed on the remote host through Windows BranchCache.
File : smb_nt_ms10-095.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2014-02-17 11:46:47
  • Multiple Updates
2014-01-19 21:30:34
  • Multiple Updates