CVE-2010-1885
Published Jun 15, 2010
Last updated 6 years ago
Overview
- Description
- The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist (fromHCP option) and execute arbitrary commands via a crafted hcp:// URL, aka "Help Center URL Validation Vulnerability."
- Source
- secure@microsoft.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-78
Evaluator
- Comment
- -
- Impact
- Per: http://blogs.technet.com/b/msrc/archive/2010/06/10/windows-help-vulnerability-disclosure.aspx "customers running Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2, are not vulnerable to this issue, or at risk of attack."
- Solution
- Per: http://blogs.technet.com/b/msrc/archive/2010/06/10/windows-help-vulnerability-disclosure.aspx "customers running Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2, are not vulnerable to this issue, or at risk of attack."
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6"
}
],
"operator": "OR"
}
]
}
]