CVE-2010-1263 Information
Description
Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3 Windows Server 2003 SP2 Windows Vista SP1 and SP2 Windows Server 2008 Gold SP2 and R2 and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantiation which allows remote attackers to execute arbitrary code via a crafted file aka \COM Validation Vulnerability.\
Reference
http://www.securityfocus.com/bid/40574 http://www.securitytracker.com/id?1024555 http://www.us-cert.gov/cas/techalerts/TA10-159B.html http://www.us-cert.gov/cas/techalerts/TA10-285A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-036 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-083 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A7286
Share on: