Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2010-4588

Published: 23/12/2010 Updated: 19/01/2011
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and previous versions allows remote malicious users to execute arbitrary code via a crafted argument to the ReleaseContext method, a different vector than CVE-2010-3973, possibly an untrusted pointer dereference.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft wmi administrative tools

Exploits

Exploit DB: Microsoft WMITools - ActiveX Remote Command Execution
Exploit-DB Notes: Original credit goes to "牛奶坦克" via WooYun: wwwwooyunorg/bugs/wooyun-2010-01006 <html> <object classid="clsid:2745E5F5-D234-11D0-847A-00C04FD7BB08" id="target"></object> <SCRIPT language="JavaScript"> //run calcexe var shellcode = unescape("%uc92b%ue983%ud9de%ud9ee%u2474%u5bf4%u7381% ...

References

CWE-94http://secunia.com/advisories/42693http://www.wooyun.org/bug.php?action=view&id=1006http://twitter.com/carsteneiram/status/17526155733110784http://www.kb.cert.org/vuls/id/725596http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspxhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/15809/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4956validationCVE-2024-35221remote attackersCVE-2023-30309CVE-2024-36112CVE-2024-23109CVE-2023-43850stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook