Lucene search

[email protected]CVE-2010-0478

HistoryApr 14, 2010 - 4:00 p.m.

CVE-2010-0478

2010-04-1416:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-0478

stack-based buffer overflow

nsum.exe

windows media unicast service

media services

microsoft windows

remote code execution

crafted packets

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.969 High

EPSS

Percentile

99.7%

JSON

Stack-based buffer overflow in nsum.exe in the Windows Media Unicast Service in Media Services for Microsoft Windows 2000 Server SP4 allows remote attackers to execute arbitrary code via crafted packets associated with transport information, aka “Media Services Stack-based Buffer Overflow Vulnerability.”

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*

References

www.us-cert.gov/cas/techalerts/TA10-103A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-025

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7001

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.969 High

EPSS

Percentile

99.7%

JSON

Related for CVE-2010-0478

symantec1 saint4 packetstorm1 securityvulns3 seebug2 checkpoint_advisories1 metasploit1 nessus2 openvas2 prion1 canvas1 exploitdb1