Published: 08/10/2010 Updated: 11/10/2010

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified by Kaspersky Lab researchers and other researchers.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows

# Exploit Title: Windows Task Scheduler Privilege Escalation 0day # Date: 20-11-2010 # Author: webDEViL # Tested on: Windows 7/2008 x86/x64 <job id="tasksch-wD-0day"> <script language="Javascript"> crc_table = new Array( 0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, 0x076DC419, 0x706AF48F, 0xE963A535, 0x9E6495A3, 0x0EDB8832, 0x ...

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' require 'msf/core/post/common' require 'rex' require 'zlib' class Metasploit3 < Msf::Ex ...

NVD-CWE-noinfo http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute7.xml http://www.computerworld.com/s/article/9185919/Is_Stuxnet_the_best_malware_ever_http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2010/20100716 http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute8.xml http://www.symantec.com/connect/blogs/stuxnet-using-three-additional-zero-day-vulnerabilities http://www.securelist.com/en/blog/2291/Myrtus_and_Guava_Episode_MS10_061 https://nvd.nist.gov https://www.exploit-db.com/exploits/15589/

CVE-2010-3888

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect