Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:D73D956898E75970CBB67DF23C41B8A0
HistoryJul 22, 2010 - 12:00 a.m.

Windows Shell LNK file CONTROL item command execution

2010-07-2200:00:00
SAINT Corporation
my.saintcorporation.com
129

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.972 High

EPSS

Percentile

99.8%

JSON

Added: 07/22/2010
CVE: CVE-2010-2568
BID: 41732
OSVDB: 66387

Background

Microsoft Windows supports LNK files, also known as shortcuts, which are references to other files. Shortcuts can be placed in a location which is convenient for users (such as the Desktop or Start menu), from which they can be used to execute the referenced file.

Problem

A design weakness in the Windows shell allows command execution when a user opens a shortcut file containing a CONTROL item which specifies a malicious executable DLL. The shortcut file could be given to the user on removable media such as a USB flash drive.

Resolution

See Microsoft Security Advisory 2286198 for patch information or workarounds.

References

<http://www.kb.cert.org/vuls/id/940193&gt;

Limitations

The specified SMB share must be accessible by the target user. Before the exploit can succeed, download the exploit.dll file and place it on the specified share.

The user must double-click on the shortcut file in order for this exploit to succeed.

Platforms

Windows

Related

saint 3
securityvulns 2
securelist 3
checkpoint_advisories 2
qualysblog 1
packetstorm 2
threatpost 10
nessus 2
openvas 2
ics 1
cert 2
mskb 1
canvas 1
metasploit 1
cisa_kev 1
attackerkb 2
prion 2
cve 2
myhack58 2
rapid7blog 1
saint
saint
Windows Shell LNK file CONTROL item command execution
2010-07-22 00:00:00
Windows Shell LNK file CONTROL item command execution
2010-07-22 00:00:00
Windows Shell LNK file CONTROL item command execution
2010-07-22 00:00:00
securityvulns
securityvulns
Microsoft Windows shortcuts code execution
2010-08-03 00:00:00
Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution &#40;2286198&#41;
2010-08-03 00:00:00
securelist
securelist
IT threat evolution Q3 2018
2018-11-12 10:00:24
USB threats from malware to miners
2018-09-25 10:00:57
Threats to users of adult websites in 2018
2019-02-21 10:00:01
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Shell LNK File Parsing Code Execution (MS10-046; CVE-2010-2568)
2010-07-18 00:00:00
Microsoft Windows LNK PIF Code Execution - Ver2 (CVE-2010-2568)
2014-03-03 00:00:00
qualysblog
qualysblog
Countdown to GDPR: Manage Vulnerabilities
2017-08-02 15:27:04
packetstorm
packetstorm
Microsoft Windows Shell LNK Code Execution
2010-08-05 00:00:00
Microsoft Windows Shell LNK Code Execution
2010-07-21 00:00:00
threatpost
threatpost
ThreatList: Skype-Themed Apps Hide a Raft of Malware
2020-04-08 16:23:29
Microsoft Security Intelligence Report: Top Takeaways
2016-05-07 09:52:06
New Gauss Malware, Descended From Flame and Stuxnet, Found On Thousands of PCs in Middle East
2012-08-09 13:31:45
nessus
nessus
MS10-046: Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) (EASYHOOKUP)
2010-08-02 00:00:00
MS KB2286198: Windows Shell Shortcut Icon Parsing Arbitrary Code Execution (EASYHOOKUP)
2010-07-18 00:00:00
openvas
openvas
Microsoft Windows Shell Remote Code Execution Vulnerability (2286198)
2010-08-04 00:00:00
Microsoft Windows Shell Remote Code Execution Vulnerability (2286198)
2010-08-04 00:00:00
ics
ics
USB Malware Targeting Siemens Control Software (Update C)
2014-01-08 12:00:00
cert
cert
Microsoft Windows automatically executes code specified in shortcut files
2010-07-15 00:00:00
Microsoft Windows automatically executes code specified in shortcut files
2017-08-03 00:00:00
mskb
mskb
Microsoft Security Advisory 2286198
1970-01-01 00:00:00
canvas
canvas
Immunity Canvas: WINDOWS_SHELL_LNK
2010-07-22 05:43:00
metasploit
metasploit
FannyBMP or DementiaWheel Detection Registry Check
2021-01-25 19:54:37
cisa_kev
cisa_kev
Microsoft Windows Remote Code Execution Vulnerability
2022-09-15 00:00:00
attackerkb
attackerkb
CVE-2010-2568
2010-07-22 00:00:00
CVE-2010-2772
2010-07-22 00:00:00
prion
prion
Hardcoded credentials
2010-07-22 05:43:00
Code injection
2010-07-22 05:43:00
cve
cve
CVE-2010-2772
2010-07-22 05:43:00
CVE-2010-2568
2010-07-22 05:43:00
myhack58
myhack58
“The seismic network of the third generation”CVE-2017-8464 vulnerability analysis and early warning-vulnerability warning-the black bar safety net
2017-08-09 00:00:00
“The seismic network of the third generation”(CVE-2017-8464 several species using the method and prevention-vulnerability and early warning-the black bar safety net
2017-08-07 00:00:00
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-01-29 21:09:49

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.972 High

EPSS

Percentile

99.8%

JSON
Related for SAINT:D73D956898E75970CBB67DF23C41B8A0
saint3securityvulns2securelist3checkpoint_advisories2qualysblog1packetstorm2threatpost10nessus2openvas2ics1cert2mskb1canvas1metasploit1cisa_kev1attackerkb2prion2cve2myhack582rapid7blog1