[Forgot Password]
Login  Register Subscribe

25354

 
 

132804

 
 

134312

 
 

909

 
 

108836

 
 

152

Paid content will be excluded from the download.


Download | Alert*
OVAL

Remote Code Execution Vulnerability in Windows Shell - MS10-046

ID: oval:org.secpod.oval:def:1378Date: (C)2011-07-07   (M)2019-10-07
Class: PATCHFamily: windows




The host is missing a Critical security update according to Microsoft security bulletin, MS10-046. The update is required to fix remote code execution vulnerability. A flaw is present in the Windows Shell, which fails to parse a malicious shortcut file and executes a malicious code when the operating system displays the icon of it. Successful exploitation allows an attacker to gain sensitive information such as same user rights as the logged-on user.

Platform:
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Reference:
MS10-046
CVE-2010-2568
CVE    1
CVE-2010-2568
CPE    35
cpe:/o:microsoft:windows_server_2008:-:gold:itanium
cpe:/o:microsoft:windows_server_2008:-::itanium
cpe:/o:microsoft:windows_vista::sp1:x64
cpe:/o:microsoft:windows_7:-:-:x32
...
XCCDF    8
xccdf_com.secpod_benchmark_microsoft-windows-server-2008
xccdf_com.secpod_benchmark_microsoft-windows-server-2003
xccdf_com.secpod_benchmark_microsoft-windows-7
xccdf_scaprepo.com_benchmark_microsoft-windows-server-2003
...

© SecPod Technologies