|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-03-15 | |
| Rule Name: | Microsoft WMI Administrative Tools Code Injection Vulnerability (CVE-2010-3973) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Multiple vulnerabilities have been reported in Microsoft Windows Management Instrumentation (WMI) Administrative Tools that could be exploited by remote attackers to compromise a vulnerable user's system. The vulnerabilities are due to the way "AddContextRef()" and "ReleaseContext()" methods of the WMI Object Viewer control improperly handle the "lCtxHandle" parameter. Remote, unauthenticated attackers could exploit this vulnerability by enticing an unsuspecting user to process a malicious web page. This can lead to code execution on their system under the context of the affected application. | |
| Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows | |
| Reference: | ExploitDB:15809 SecurityFocusBID:45546 MicrosoftSecurityBulletin:ms11-027 http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: http://technet.microsoft.com/en-us/security/bulletin/ms11-027 |