3 matches found
MS Windows ICSW Remote Code Execution Vulnerability (2443105)
This host is missing a critical security update according to Microsoft Bulletin MS10-097. OpenVAS Vulnerability Test $Id: secpodms10-097.nasl 5361 2017-02-20 11:57:13Z cfi $ MS Windows ICSW Remote Code Execution Vulnerability 2443105 Authors: Antu Sanadi Copyright: Copyright c 2010 SecPod,...
MS10-097: Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution (2443105)
The remote Windows host contains a version of the Internet Connection Signup Wizard that incorrectly restricts the path used for loading external libraries. If an attacker can trick a user on the affected system into opening a specially crafted .ins or .isp file located in the same network...
CVE-2010-3144
CVE-2010-3144 concerns an insecure library loading vulnerability in the Internet Connection Signup Wizard (ICSW) affecting Windows XP SP2/SP3 and Windows Server 2003 SP2. The root cause is untrusted search path handling that allows loading a Trojan horse DLL (smmscrpt.dll) from the current direct...