| CVE ID | CVE-2010-0027 |
| CVSS SCORE | 10.0, AV:N/AC:L/Au:N/C:C/I:C/A:C |
| AFFECTED VENDORS |
Microsoft Microsoft Microsoft |
| AFFECTED PRODUCTS |
Windows XP Windows 2000 Windows Server 2003 |
| VULNERABILITY DETAILS |
This vulnerability allows remote attackers to force a Microsoft Windows system to execute a given local executable. User interaction is required in that the target must access a malicious URL. The specific flaw exists within the ShellExecute API. Using a specially formatted URL an attacker can bypass sanitization checks within this function and force the calling application into running an executable of their choice. Successful exploitation requires a useful binary to exist in a predictable location on the remote system. |
| ADDITIONAL DETAILS |
Microsoft has issued an update to correct this vulnerability. More details can be found at:
http://www.microsoft.com/technet/security/bulletin/MS10-007.mspx |
| DISCLOSURE TIMELINE |
|
| CREDIT | Brett Moore, Insomnia Security |
