Vulnerability Details : CVE-2010-0688
Public exploit exists!
Stack-based buffer overflow in Orbital Viewer 1.04 allows user-assisted remote attackers to execute arbitrary code via a crafted (1) .orb or (2) .ov file.
Vulnerability category: OverflowExecute code
Products affected by CVE-2010-0688
- cpe:2.3:a:orbitals:orbital_viewer:1.04:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2010-0688
70.19%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2010-0688
-
Orbital Viewer ORB File Parsing Buffer Overflow
Disclosure Date: 2010-02-27First seen: 2020-04-26exploit/windows/fileformat/orbital_viewer_orbThis module exploits a stack-based buffer overflow in David Manthey's Orbital Viewer. When processing .ORB files, data is read from file into a fixed-size stack buffer using the fscanf function. Since no bounds checking is done, a buffer overflow can occur. Attacke
CVSS scores for CVE-2010-0688
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2010-0688
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-0688
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/59560
Orbital Viewer .ov file buffer overflow undefined Vulnerability Report
-
http://www.securityfocus.com/bid/38436
Orbital Viewer '.orb' File Stack-Based Buffer Overflow VulnerabilityExploit
-
http://www.osvdb.org/62580
404 Not Found
-
http://www.vupen.com/english/advisories/2010/0478
Webmail | OVH- OVHVendor Advisory
-
http://secunia.com/advisories/38720
Sign inVendor Advisory
-
http://www.securityfocus.com/bid/40985
Orbital Viewer '.ov' File Stack Based Buffer Overflow Vulnerability
-
http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-011-orbital-viewer-orb-buffer-overflow/
Exploit
-
http://www.exploit-db.com/exploits/13940
Orbital Viewer 1.04 - '.ov' Local Universal Stack Overflow (SEH) - Windows local ExploitExploit
Jump to