CVE-2010-3973

Vulnerability Description

The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddContextRef method, possibly an untrusted pointer dereference, aka "Microsoft WMITools ActiveX Control Vulnerability."

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-i
• http://secunia.com/advisories/42693Vendor Advisory
• http://www.exploit-db.com/exploits/15809Exploit
• http://www.kb.cert.org/vuls/id/725596US Government Resource
• http://www.securityfocus.com/bid/45546Exploit
• http://www.vupen.com/english/advisories/2010/3301Vendor Advisory
• http://www.wooyun.org/bug.php?action=view&id=1006Exploit
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-02
• https://exchange.xforce.ibmcloud.com/vulnerabilities/64250
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
• http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-i
• http://secunia.com/advisories/42693Vendor Advisory
• http://www.exploit-db.com/exploits/15809Exploit
• http://www.kb.cert.org/vuls/id/725596US Government Resource
• http://www.securityfocus.com/bid/45546Exploit