Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mscveMicrosoftMS:CVE-2010-3190
HistoryOct 09, 2018 - 7:00 a.m.

MFC Insecure Library Loading Vulnerability

2018-10-0907:00:00
Microsoft
msrc.microsoft.com
14

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

79.6%

JSON

A remote code execution vulnerability exists in the way that certain applications built using Microsoft Foundation Classes (MFC) handle the loading of DLL files.

An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

The update addresses this vulnerability by correcting how applications built using MFC load DLL files.

Related

openvas 5
nessus 4
mskb 3
hp 1
checkpoint_advisories 1
prion 1
seebug 1
cve 1
kaspersky 2
qualysblog 1
threatpost 1
talosblog 1
securityvulns 2
openvas
openvas
Microsoft Visual Studio Insecure Library Loading Vulnerability
2010-09-29 00:00:00
Microsoft Foundation Class (MFC) Library Remote Code Execution Vulnerability (2500212)
2011-04-13 00:00:00
Microsoft Foundation Class (MFC) Library Remote Code Execution Vulnerability (2500212)
2011-04-13 00:00:00
nessus
nessus
MS11-025: Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution (2500212)
2011-04-13 00:00:00
Apple iTunes < 12.3 Multiple Vulnerabilities (credentialed check)
2015-09-18 00:00:00
Apple iTunes < 12.3 Multiple Vulnerabilities (uncredentialed check)
2015-10-26 00:00:00
mskb
mskb
MS11-025: Description of the security update for Visual C++ 2010 Service Pack 1: August 9, 2011
2018-10-09 07:00:00
MS11-025: Vulnerability in Microsoft Foundation Class (MFC) Library could allow remote code execution: April 12, 2011
2011-04-12 00:00:00
Description of the security update for Microsoft Exchange Server 2013 and 2016: October 9, 2018
2018-10-09 07:00:00
hp
hp
HPSBPI03720 rev. 1 - Software Vulnerability with Certain HP OfficeJet and PageWide Solutions
2021-03-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft MFC Insecure Library Loading (CVE-2010-3190)
2018-10-09 00:00:00
prion
prion
Design/Logic Flaw
2010-08-31 20:00:00
seebug
seebug
Microsoft ATL/MFC跟θΈͺε·₯ε…·'dwmapi.dll' DLLθ£…θ½½δ»»ζ„δ»£η ζ‰§θ‘ŒζΌζ΄ž
2011-06-16 00:00:00
cve
cve
CVE-2010-3190
2010-08-31 20:00:00
kaspersky
kaspersky
KLA11335 Multiple vulnerabilities in Microsoft Exchange Server
2018-10-09 00:00:00
KLA10669 Multiple vulnerabilities in Apple iTunes
2015-09-16 00:00:00
qualysblog
qualysblog
October 2018 Patch Tuesday – 49 Vulns, Critical browser patches, Hyper-V, Adobe vulns
2018-10-09 18:21:32
threatpost
threatpost
Microsoft Patches Zero-Day Under Active Attack by APT
2018-10-09 21:24:54
talosblog
talosblog
Microsoft Patch Tuesday β€” October 18: Vulnerability disclosures and Snort coverage
2018-10-09 11:38:00
securityvulns
securityvulns
APPLE-SA-2015-09-16-3 iTunes 12.3
2015-10-05 00:00:00
Apple iTunes multiple security vulnerabilities
2015-10-25 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

79.6%

JSON
Related for MS:CVE-2010-3190
openvas5nessus4mskb3hp1checkpoint_advisories1prion1seebug1cve1kaspersky2qualysblog1threatpost1talosblog1securityvulns2