CVE-2010-3973

Currently unrated

Key Information:

Vendor: Microsoft
Status: Wmi Administrative Tools
Vendor: CVE Published:; 23 December 2010

Summary

The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddContextRef method, possibly an untrusted pointer dereference, aka "Microsoft WMITools ActiveX Control Vulnerability."

References

http://blogs.technet.com/b/srd/archive/2011/01/07/assessi...

x_refsource_MISC

http://www.vupen.com/english/advisories/2010/3301

vdb-entryx_refsource_VUPEN

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

96% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 23, 2010
Vulnerability Reserved
Oct 14, 2010

Collectors

NVD DatabaseMitre Database