Описание
The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddContextRef method, possibly an untrusted pointer dereference, aka "Microsoft WMITools ActiveX Control Vulnerability."
The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddContextRef method, possibly an untrusted pointer dereference, aka "Microsoft WMITools ActiveX Control Vulnerability."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-3973
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-027
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64250
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12475
- http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx
- http://secunia.com/advisories/42693
- http://www.exploit-db.com/exploits/15809
- http://www.kb.cert.org/vuls/id/725596
- http://www.securityfocus.com/bid/45546
- http://www.vupen.com/english/advisories/2010/3301
- http://www.wooyun.org/bug.php?action=view&id=1006
Связанные уязвимости
The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddContextRef method, possibly an untrusted pointer dereference, aka "Microsoft WMITools ActiveX Control Vulnerability."