SecurityTracker.com
Category:   OS (Microsoft)  >   Windows Script Engine
Vendors:   Microsoft
Windows VBScript Script Engine Flaw in Processing Windows Help Files Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1023668
SecurityTracker URL:  http://securitytracker.com/id/1023668
CVE Reference:   CVE-2010-0483
Updated:  Apr 13 2010
Original Entry Date:  Mar 2 2010
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Exploit Included:  Yes
Version(s): 2000 SP4, XP SP3, 2003 SP2; and prior service packs; VBScript 5.1, 5.6, 5.7, 5.8
Description:   A vulnerability was reported in Windows VBScript Script Engine. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create a specially crafted Windows help file that, when loaded by the target user via Microsoft Internet Explorer, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

A specially crafted dialog box can also trigger the flaw when the target user presses the F1 (help) key.

Windows 7, Windows Server 2008 R2, Windows Vista, and Windows Server 2008 are not affected.

The original advisory is available at:

http://isec.pl/vulnerabilities/isec-0027-msgbox-helpfile-ie.txt

Maurycy Prodeus reported this vulnerability.

Impact:   A remote user can create a file or dialog that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:   The vendor has issued the following fixes:

Microsoft Windows 2000 Service Pack 4, VBScript 5.1:

http://www.microsoft.com/downloads/details.aspx?familyid=421BE318-F217-4D12-B7A5-833093189073

Windows XP Service Pack 2, VBScript 5.6:

http://www.microsoft.com/downloads/details.aspx?familyid=AA8FF157-A7B3-4787-80C9-5BC453F0F1C9

Windows XP Service Pack 2 and Windows XP Service Pack 3, VBScript 5.7:

http://www.microsoft.com/downloads/details.aspx?familyid=CB21D276-65E9-4C8F-96E3-CF6DC36D0133

Windows XP Professional x64 Edition Service Pack 2, VBScript 5.6:

http://www.microsoft.com/downloads/details.aspx?familyid=896C738D-4058-440F-8D4F-16C678610CD1

Windows Server 2003 Service Pack 2, VBScript 5.6:

http://www.microsoft.com/downloads/details.aspx?familyid=28B035B8-D56E-4E93-B811-9A82CF1D4BA9

Windows Server 2003 x64 Edition Service Pack 2, VBScript 5.6:

http://www.microsoft.com/downloads/details.aspx?familyid=339DDF48-8949-4857-9EF6-1DDCC7C5F8B8

Windows Server 2003 with SP2 for Itanium-based Systems, VBScript 5.6:

http://www.microsoft.com/downloads/details.aspx?familyid=9A8BEE82-5F7F-490E-A1EB-481F6D4FC4F5

Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2, VBScript 5.7:

http://www.microsoft.com/downloads/details.aspx?familyid=EE5C42C6-16BB-48BF-95C2-C188BB17D04B

Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2, VBScript 5.7:

http://www.microsoft.com/downloads/details.aspx?familyid=EA5C5E9C-0ECD-47BC-912D-5ADC00D1AA21

Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2**, VBScript 5.7:

http://www.microsoft.com/downloads/details.aspx?familyid=DBE89813-0A45-463B-928C-1E58F7BB596A

Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2**, VBScript 5.7:

http://www.microsoft.com/downloads/details.aspx?familyid=9DB62357-557D-40CD-9826-B7BAA6C9DE65

Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2, VBScript 5.7:

http://www.microsoft.com/downloads/details.aspx?familyid=84C5AAAE-9417-42A1-834F-22C1AD46A12F

Windows 7 for 32-bit Systems, VBScript 5.8:

http://www.microsoft.com/downloads/details.aspx?familyid=C3F76835-0053-4E53-A451-14255E7A4FC0

Windows 7 for x64-based Systems, VBScript 5.8:

http://www.microsoft.com/downloads/details.aspx?familyid=998164B7-4B8C-468B-8D39-F242633C8838

Windows Server 2008 R2 for x64-based Systems**, VBScript 5.8:

http://www.microsoft.com/downloads/details.aspx?familyid=C4039D40-A0C7-4183-AB50-04F690D1C5DC

Windows Server 2008 R2 for Itanium-based Systems, VBScript 5.8:

http://www.microsoft.com/downloads/details.aspx?familyid=8174463C-5C5E-4095-90C8-FD1E898D4BA5

A restart may be required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms10-022.mspx

The vendor's original advisory is available at:

http://www.microsoft.com/technet/security/advisory/981169.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms10-022.mspx
Cause:   Not specified
Underlying OS:  

Message History:   None.


 Source Message Contents

Date:  Tue, 02 Mar 2010 00:03:16 +0000
Subject:  Microsoft VBScript


http://www.microsoft.com/technet/security/advisory/981169.mspx

CVE-2010-0483
 
 



Copyright 2014, SecurityGlobal.net LLC