CVE-2010-0917

Published: Mar 3, 2010Modified: Apr 29, 2026

7.6

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability: 4.9 / Impact: 10.0

Source: NVD

Description

Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, might allow user-assisted remote attackers to execute arbitrary code via a long string in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution when the F1 key is pressed, a different vulnerability than CVE-2010-0483.

Affected (7)

Products: Microsoft: Windows 2000, Windows 2003 Server, Windows Server 2003, Windows Xp

4 products

Windows 2003 Server

Windows Server 2003

Configuration A

7 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Microsoft Windows 2000	All versions
Microsoft Windows 2003 Server	All versions
Microsoft Windows 2003 Server	All versions
Microsoft Windows Server 2003	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions

Running on/with	Platform Versions
Microsoft Internet Explorer	Version 6
Microsoft Internet Explorer	Version 7
Microsoft Internet Explorer	Version 8

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (14)

http://blogs.technet.com/msrc/archive/2010/03/01/security-advisory-981169-released.aspx

Source: cve@mitre.org

Vendor Advisory

http://isec.pl/vulnerabilities/isec-0027-msgbox-helpfile-ie.txt

Source: cve@mitre.org

Exploit

http://isec.pl/vulnerabilities10.html

Source: cve@mitre.org

Exploit

http://www.microsoft.com/technet/security/advisory/981169.mspx

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/38473

Source: cve@mitre.org

Exploit

http://www.theregister.co.uk/2010/03/01/ie_code_execution_bug/

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/56560

Source: cve@mitre.org

http://blogs.technet.com/msrc/archive/2010/03/01/security-advisory-981169-released.aspx

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://isec.pl/vulnerabilities/isec-0027-msgbox-helpfile-ie.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://isec.pl/vulnerabilities10.html

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.microsoft.com/technet/security/advisory/981169.mspx

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/38473

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.theregister.co.uk/2010/03/01/ie_code_execution_bug/

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/56560

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.