ActiveX Control Vulnerability in Microsoft WMI Administrative Tools
CVE-2010-3973

Currently unrated

Key Information:

Vendor
Microsoft
Status
Wmi Administrative Tools
Vendor
CVE Published:
23 December 2010

Summary

The WMITools ActiveX control in WBEMSingleView.ocx versions up to 1.50.1131.0 in Microsoft WMI Administrative Tools allows remote attackers to exploit an untrusted pointer dereference through a crafted argument to the AddContextRef method. This exploitation can lead to the execution of arbitrary code on affected systems, putting user data and system integrity at risk.

References

http://blogs.technet.com/b/srd/archive/2011/01/07/assessi...
x_refsource_MISC
http://www.vupen.com/english/advisories/2010/3301
vdb-entryx_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL

EPSS Score

82% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2010-3973 : ActiveX Control Vulnerability in Microsoft WMI Administrative Tools | SecurityVulnerability.io