CVE-2010-2568

{"id": "CVE-2010-2568", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2010-07-22T05:43:49.703", "references": [{"url": "http://isc.sans.edu/diary.html?storyid=9181", "tags": ["Broken Link"], "source": "secure@microsoft.com"}, {"url": "http://isc.sans.edu/diary.html?storyid=9190", "tags": ["Broken Link"], "source": "secure@microsoft.com"}, {"url": "http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/", "tags": ["Press/Media Coverage"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/40647", "tags": ["Broken Link", "Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://securitytracker.com/id?1024216", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.f-secure.com/weblog/archives/00001986.html", "tags": ["Not Applicable"], "source": "secure@microsoft.com"}, {"url": "http://www.f-secure.com/weblog/archives/new_rootkit_en.pdf", "tags": ["Exploit"], "source": "secure@microsoft.com"}, {"url": "http://www.kb.cert.org/vuls/id/940193", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "secure@microsoft.com"}, {"url": "http://www.microsoft.com/technet/security/advisory/2286198.mspx", "tags": ["Patch", "Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/bid/41732", "tags": ["Broken Link", "Exploit", "Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secure@microsoft.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046", "tags": ["Patch", "Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11564", "tags": ["Broken Link"], "source": "secure@microsoft.com"}, {"url": "https://www.geoffchappell.com/notes/security/stuxnet/ctrlfldr.htm", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://isc.sans.edu/diary.html?storyid=9181", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://isc.sans.edu/diary.html?storyid=9190", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/", "tags": ["Press/Media Coverage"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/40647", "tags": ["Broken Link", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1024216", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.f-secure.com/weblog/archives/00001986.html", "tags": ["Not Applicable"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.f-secure.com/weblog/archives/new_rootkit_en.pdf", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/940193", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.microsoft.com/technet/security/advisory/2286198.mspx", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/41732", "tags": ["Broken Link", "Exploit", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11564", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.geoffchappell.com/notes/security/stuxnet/ctrlfldr.htm", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010, and originally reported for malware that leverages CVE-2010-2772 in Siemens WinCC SCADA systems."}, {"lang": "es", "value": "Shell de Windows en Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 y SP2, Server 2008 SP2 y R2, y Windows 7 permite a usuarios locales o atacantes remotos ejecutar codigo a su elecci\u00f3n a traves de un fichero de acceso directo (1) .LNK o (2) .PIF manipulado, el cual no es manejado adecuadamente mientras se muestra el icono en el Explorador de Windows, tal y como se demostro en Julio de 2010, originalmene referenciado por malware que aprovecha CVE-2010-2772 en los sistemas Siemens WinCC SCADA."}], "lastModified": "2024-11-21T01:16:55.293", "cisaActionDue": "2022-10-06", "cisaExploitAdd": "2022-09-15", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2EE0AD3-2ADC-480E-B03E-06962EC4F095"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*", "vulnerable": true, "matchCriteriaId": "B20DD263-5A62-4CB1-BD47-D1F9A6C67E08"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "B7674920-AE12-4A25-BE57-34AEDDA74D76"}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3"}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "vulnerable": true, "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com", "evaluatorSolution": "Per: http://www.microsoft.com/technet/security/advisory/2286198.mspx\r\n\r\nMicrosoft has completed the investigation into a public report of this vulnerability. We have issued MS10-046 to address this issue.\r\n\r\nhttp://www.microsoft.com/technet/security/bulletin/MS10-046.mspx", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Microsoft Windows Remote Code Execution Vulnerability"}