Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Prion
Prionadded 2010/04/14 4:0 p.m.16 views

Input validation

The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does...

9.3CVSS8AI score0.33752EPSS
Exploits1References3Affected Software3
CVE
CVEadded 2010/04/14 3:44 p.m.73 views

CVE-2010-0487

CVE-2010-0487 describes a remote code execution vulnerability in Windows Cabinet File Viewer (cabview.dll) where the Authenticode signature verification omits certain fields from the digest for cabinet files. Affected: Cabinet File Viewer Shell Extension (cabview.dll) versions 5.1, 6.0, 6.1 on Wi...

9.3CVSS7.6AI score0.33752EPSS
Exploits1References3Affected Software1
seebug.org
seebug.orgadded 2010/04/14 12:0 a.m.45 views

Microsoft Windows Cabinet File Viewer Cabview验证远程代码执行漏洞(MS10-019)

BUGTRAQ ID: 39332 CVE ID: CVE-2010-0487 Windows Cabinet File Viewer(cabview.dll)用于查看、打开、浏览和解压cabinet文件和档案。 Windows Cabinet File Viewer在签名和验证cabinet文件时忽略了文件digest的一些字段。匿名攻击者可以通过修改已有的签名cabinet文件以便将签名文件的未验证部分指向恶意代码然后诱骗用户打开或查看特制的cabinet文件来利用此漏洞。成功利用此漏洞的攻击者可以完全控制受影响的系统。 Microsoft Cabinet File Viewer...

9.3CVSS6.9AI score0.33752EPSS
Exploits1
Rows per page
Query Builder