CVE-2010-2568

🗓️ 22 Jul 2010 10:00:00Reported by microsoftType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 1670 Views

Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file

Reporter	Title	Published	Views	Family All 53
GithubExploit	Exploit for CVE-2010-2568	26 Feb 202609:41	–	githubexploit
ATTACKERKB	CVE-2010-2568	22 Jul 201000:00	–	attackerkb
ATTACKERKB	CVE-2010-2772	22 Jul 201000:00	–	attackerkb
Circl	CVE-2010-2568	18 Jul 201000:00	–	circl
CISA KEV Catalog	Microsoft Windows Remote Code Execution Vulnerability	15 Sep 202200:00	–	cisa_kev
Check Point Advisories	Microsoft Windows Shell LNK File Parsing Code Execution (MS10-046; CVE-2010-2568)	18 Jul 201000:00	–	checkpoint_advisories
Check Point Advisories	Microsoft Windows LNK PIF Code Execution - Ver2 (CVE-2010-2568)	3 Mar 201400:00	–	checkpoint_advisories
Cvelist	CVE-2010-2568	22 Jul 201010:00	–	cvelist
Exploit DB	Microsoft Windows - Shell LNK Code Execution (MS10-046) (Metasploit)	21 Sep 201000:00	–	exploitdb
ICS	USB Malware Targeting Siemens Control Software (Update C)	8 Jan 201412:00	–	ics

NVD

Node

microsoft windows_7Match-

microsoft windows_server_2003Match-sp2

microsoft windows_server_2008Match--

microsoft windows_server_2008Match-sp2

microsoft windows_server_2008Matchr2itanium

microsoft windows_server_2008Matchr2x64

microsoft windows_vistaMatch-sp1

microsoft windows_vistaMatch-sp2

microsoft windows_xpMatch-sp2professionalx64

microsoft windows_xpMatch-sp3

Source	Link
kb	www.kb.cert.org/vuls/id/940193
isc	www.isc.sans.edu/diary.html
krebsonsecurity	www.krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/
microsoft	www.microsoft.com/technet/security/advisory/2286198.mspx
securityfocus	www.securityfocus.com/bid/41732
securitytracker	www.securitytracker.com/id
f-secure	www.f-secure.com/weblog/archives/new_rootkit_en.pdf
docs	www.docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046
us-cert	www.us-cert.gov/cas/techalerts/TA10-222A.html
f-secure	www.f-secure.com/weblog/archives/00001986.html

22 Apr 2026 10:35Current

7.7High risk

Vulners AI Score7.7

CVSS 29.3

CVSS 3.17.8

EPSS0.92134

SSVC

In Wild