The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist (fromHCP option) and execute arbitrary commands via a crafted hcp:// URL, aka "Help Center URL Validation Vulnerability."
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:15
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0197.html - Exploit | |
References | () http://blogs.technet.com/b/msrc/archive/2010/06/10/windows-help-vulnerability-disclosure.aspx - | |
References | () http://blogs.technet.com/b/srd/archive/2010/06/10/help-and-support-center-vulnerability-full-disclosure-posting.aspx - Vendor Advisory | |
References | () http://secunia.com/advisories/40076 - Vendor Advisory | |
References | () http://www.exploit-db.com/exploits/13808 - | |
References | () http://www.kb.cert.org/vuls/id/578319 - US Government Resource | |
References | () http://www.microsoft.com/technet/security/advisory/2219475.mspx - Vendor Advisory | |
References | () http://www.securityfocus.com/archive/1/511774/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/511783/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/40725 - Exploit | |
References | () http://www.securitytracker.com/id?1024084 - | |
References | () http://www.us-cert.gov/cas/techalerts/TA10-194A.html - US Government Resource | |
References | () http://www.vupen.com/english/advisories/2010/1417 - Vendor Advisory | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-042 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/59267 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11733 - |
Information
Published : 2010-06-15 14:04
Updated : 2024-11-21 01:15
NVD link : CVE-2010-1885
Mitre link : CVE-2010-1885
CVE.ORG link : CVE-2010-1885
JSON object : View
Products Affected
microsoft
- windows_server_2003
- windows_2003_server
- windows_xp
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')