Test ID: | 1.3.6.1.4.1.25623.1.0.801358 |
Category: | Windows : Microsoft Bulletins |
Title: | Microsoft Windows Help and Support Center RCE Vulnerability |
Summary: | Microsoft Windows is prone to a remote code execution (RCE) vulnerability. This VT has been deprecated and replaced by the VT 'Microsoft Help and Support Center Remote Code Execution Vulnerability (2229593)' (OID: 1.3.6.1.4.1.25623.1.0.902080) |
Description: | Summary: Microsoft Windows is prone to a remote code execution (RCE) vulnerability. This VT has been deprecated and replaced by the VT 'Microsoft Help and Support Center Remote Code Execution Vulnerability (2229593)' (OID: 1.3.6.1.4.1.25623.1.0.902080)

Vulnerability Insight: The flaws are due to:
- An error in the 'MPC::HTML::UrlUnescapeW()' function within the Help and Support Center application (helpctr.exe) that does not properly check the return code of 'MPC::HexToNum()' when escaping URLs, which could allow attackers to bypass whitelist restrictions and invoke arbitrary help files.
- An input validation error in the 'GetServerName()' function in the 'C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\commonFunc.js' script invoked via 'ShowServerName()' in 'C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysinfomain.htm', which could be exploited by attackers to execute arbitrary scripting code.

Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code or compromise a vulnerable system.

Affected Software/OS:
- Microsoft Windows XP Service Pack 2/3
- Microsoft Windows Server 2003 Service Pack 2

Solution: The vendor has released a patch for the issue. Please see the references for more information.

CVSS Score: 9.3
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-1885
- BugTraq ID: 40725 http://www.securityfocus.com/bid/40725
- Bugtraq: 20100609 Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly (Google Search) http://www.securityfocus.com/archive/1/511774/100/0/threaded
- Bugtraq: 20100610 Re: Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly (Google Search) http://www.securityfocus.com/archive/1/511783/100/0/threaded
- Cert/CC Advisory: TA10-194A http://www.us-cert.gov/cas/techalerts/TA10-194A.html
- CERT/CC vulnerability note: VU#578319 http://www.kb.cert.org/vuls/id/578319
- http://www.exploit-db.com/exploits/13808
- http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0197.html
- http://blogs.technet.com/b/msrc/archive/2010/06/10/windows-help-vulnerability-disclosure.aspx
- Microsoft Security Bulletin: MS10-042 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-042
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11733
- http://www.securitytracker.com/id?1024084
- http://secunia.com/advisories/40076
- http://www.vupen.com/english/advisories/2010/1417
- XForce ISS Database: ms-win-helpctr-command-execution(59267) https://exchange.xforce.ibmcloud.com/vulnerabilities/59267

Common Vulnerability Exposure (CVE) ID: CVE-2010-2265
- BugTraq ID: 40721 http://www.securityfocus.com/bid/40721
- http://blogs.technet.com/b/srd/archive/2010/06/10/help-and-support-center-vulnerability-full-disclosure-posting.aspx
- http://www.microsoft.com/technet/security/advisory/2219475.mspx |
Copyright | Copyright (C) 2010 Greenbone AG |