CVE-2010-0483: Code Injection
First published: Wed Mar 03 2010(Updated: )
vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a crafted .hlp file in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution involving winhlp32.exe when the F1 key is pressed, aka "VBScript Help Keypress Vulnerability."
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 2000 | =sp4 | |
| Microsoft Windows Server 2003 | =sp2 | |
| Microsoft Windows Server 2003 | =sp2 | |
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows XP | =sp2 | |
| Microsoft Windows XP | =sp3 | |
| Microsoft Windows XP | =sp2 | |
| Internet Explorer | =6 | |
| Internet Explorer | =7 | |
| Internet Explorer | =8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/38463
- http://www.kb.cert.org/vuls/id/612021
- http://isec.pl/vulnerabilities10.html
- http://blogs.technet.com/msrc/archive/2010/03/01/security-advisory-981169-released.aspx
- http://blogs.technet.com/msrc/archive/2010/02/28/investigating-a-new-win32hlp-and-internet-explorer-issue.aspx
- http://blogs.technet.com/srd/archive/2010/03/01/help-keypress-vulnerability-in-vbscript-enabling-remote-code-execution.aspx
- http://www.computerworld.com/s/article/9163298/New_zero_day_involves_IE_puts_Windows_XP_users_at_risk
- http://securitytracker.com/id?1023668
- http://www.microsoft.com/technet/security/advisory/981169.mspx
- http://secunia.com/advisories/38727
- http://www.vupen.com/english/advisories/2010/0485
- https://www.metasploit.com/svn/framework3/trunk/modules/exploits/windows/browser/ie_winhlp32.rb
- http://www.theregister.co.uk/2010/03/01/ie_code_execution_bug/
- http://isec.pl/vulnerabilities/isec-0027-msgbox-helpfile-ie.txt
- http://www.osvdb.org/62632
- http://www.us-cert.gov/cas/techalerts/TA10-103A.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56558
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8654
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7170
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-022
Frequently Asked Questions
What is the severity of CVE-2010-0483?
CVE-2010-0483 has a CVSS base score of 7.5, indicating a high severity vulnerability.
How do I fix CVE-2010-0483?
To remediate CVE-2010-0483, users should apply the latest security updates from Microsoft for their affected operating systems.
Which versions of Windows are affected by CVE-2010-0483?
CVE-2010-0483 affects Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2.
What can attackers achieve by exploiting CVE-2010-0483?
Exploiting CVE-2010-0483 allows attackers to execute arbitrary code on the victim's system under certain conditions.
Is Internet Explorer involved in CVE-2010-0483 exploitation?
Yes, the vulnerability requires Internet Explorer to be used to facilitate the code execution through specific references.
- collector/nvd-historical
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/microsoft
- canonical/microsoft windows 2000
- version/microsoft windows 2000/sp4
- canonical/microsoft windows server 2003
- version/microsoft windows server 2003/sp2
- canonical/microsoft windows server
- version/microsoft windows server/sp2
- canonical/microsoft windows xp
- version/microsoft windows xp/sp2
- version/microsoft windows xp/sp3
- canonical/internet explorer
- version/internet explorer/6
- version/internet explorer/7
- version/internet explorer/8