CVE-2010-0917 : Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, XP SP2 an

Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, might allow user-assisted remote attackers to execute arbitrary code via a long string in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution when the F1 key is pressed, a different vulnerability than CVE-2010-0483.

Published 2010-03-03 19:30:01

Updated 2025-04-11 00:51:22

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Products affected by CVE-2010-0917

Microsoft » Windows 2000 » Update SP4
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Explorer » Version: 6
When used together with: Microsoft » Internet Explorer » Version: 7
When used together with: Microsoft » Internet Explorer » Version: 8
Microsoft » Windows Xp » Update SP2
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Explorer » Version: 6
When used together with: Microsoft » Internet Explorer » Version: 7
When used together with: Microsoft » Internet Explorer » Version: 8
Microsoft » Windows Xp » Update SP3
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Explorer » Version: 6
When used together with: Microsoft » Internet Explorer » Version: 7
When used together with: Microsoft » Internet Explorer » Version: 8
Microsoft » Windows Xp » Version: N/A Update SP2 X64 Edition
cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Explorer » Version: 6
When used together with: Microsoft » Internet Explorer » Version: 7
When used together with: Microsoft » Internet Explorer » Version: 8
Microsoft » Windows 2003 Server » Update SP2
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Explorer » Version: 6
When used together with: Microsoft » Internet Explorer » Version: 7
When used together with: Microsoft » Internet Explorer » Version: 8
Microsoft » Windows 2003 Server » Update SP2 Itanium Edition
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Explorer » Version: 6
When used together with: Microsoft » Internet Explorer » Version: 7
When used together with: Microsoft » Internet Explorer » Version: 8
Microsoft » Windows Server 2003 » Update SP2
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Explorer » Version: 6
When used together with: Microsoft » Internet Explorer » Version: 7
When used together with: Microsoft » Internet Explorer » Version: 8

Exploit prediction scoring system (EPSS) score for CVE-2010-0917

EPSS FAQ

44.54%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 97 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2010-0917

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.6	HIGH	AV:N/AC:H/Au:N/C:C/I:C/A:C	4.9	10.0	NIST
Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2010-0917

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2010-0917

http://www.securityfocus.com/bid/38473

Microsoft Internet Explorer 'winhlp32.exe' 'MsgBox()' Stack-Based Buffer Overflow Vulnerability
Exploit
http://isec.pl/vulnerabilities/isec-0027-msgbox-helpfile-ie.txt

Exploit

CVEs referencing this url
http://www.theregister.co.uk/2010/03/01/ie_code_execution_bug/

IE code execution bug can bite older Windows • The Register

CVEs referencing this url
http://isec.pl/vulnerabilities10.html

404 Not Found
Exploit

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/56560

Microsoft Windows winhlp32.exe buffer overflow CVE-2010-0917 Vulnerability Report
http://blogs.technet.com/msrc/archive/2010/03/01/security-advisory-981169-released.aspx

Page not found – Microsoft Security Response Center
Vendor Advisory

CVEs referencing this url
http://www.microsoft.com/technet/security/advisory/981169.mspx

Technical documentation, API, and code examples | Microsoft Docs
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2010-0917

Products affected by CVE-2010-0917

Exploit prediction scoring system (EPSS) score for CVE-2010-0917

CVSS scores for CVE-2010-0917

CWE ids for CVE-2010-0917

References for CVE-2010-0917