Lucene search
K

4 matches found

Cvelist
Cvelist
added 2010/04/14 3:44 p.m.32 views

CVE-2010-0486

The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a...

7.5AI score0.22037EPSS
Exploits1References3
CVE
CVE
added 2010/04/14 3:44 p.m.66 views

CVE-2010-0486

CVE-2010-0486 describes a remote code execution vulnerability in Windows Authenticode Signature Verification (WinVerifyTrust) affecting PE and cabinet (.CAB) handling. The flaw arises from improper use of certain file digest fields during signing/verifying, enabling a modified signed file to exec...

9.3CVSS7.6AI score0.22037EPSS
Exploits1References3Affected Software1
OpenVAS
OpenVAS
added 2010/04/14 12:0 a.m.24 views

Microsoft Windows Authentication Verification Remote Code Execution Vulnerability (981210)

This host is missing a critical security update according to Microsoft Bulletin MS10-019. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS5AI score0.24216EPSS
Exploits2References4
seebug.org
seebug.org
added 2010/04/14 12:0 a.m.39 views

Microsoft Windows Authenticode Signature Verification远程代码执行漏洞(MS10-019)

BUGTRAQ ID: 39328 CVE ID: CVE-2010-0486 Windows Authenticode Signature Verification功能也称为WinVerifyTrust,用于对指定的对象执行信任验证操作。 Windows Authenticode Signature Verification功能在处理PE和cabinet文件格式的某些文件digest字段时存在错误。匿名攻击者可以通过修改已有的签名可执行文件以篡改签名文件的未验证部分来利用此漏洞,从而无需使签名失效便向文件添加恶意代码。成功利用此漏洞的攻击者可以完全控制受影响的系统。 Microsoft...

9.3CVSS6.9AI score0.22037EPSS
Exploits1
Rows per page
Query Builder