CVE-2009-3678 (GCVE-0-2009-3678)
Vulnerability from cvelistv5
Published
2010-05-14 19:24
Modified
2024-08-07 06:38
Severity ?
CWE
  • n/a
Summary
Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service (reboot) or possibly execute arbitrary code via a crafted image file that triggers incorrect data parsing after user-mode data is copied to kernel mode, as demonstrated using "Browse with Irfanview" and certain actions on a folder containing a large number of thumbnail images in Resample mode, possibly related to the ATI graphics driver or win32k.sys, aka "Canonical Display Driver Integer Overflow Vulnerability."
References
secure@microsoft.com http://blogs.technet.com/msrc/archive/2010/05/18/security-advisory-2028859-released.aspx
secure@microsoft.com http://blogs.technet.com/srd/archive/2010/05/18/cdd-dll-vulnerability-difficult-to-exploit.aspx
secure@microsoft.com http://en.irfanview-forum.de/vb/showthread.php?5647-V4-25-bluescreen-with-Windows-7-cdd-dll-win32k-sys
secure@microsoft.com http://isc.sans.org/diary.html?storyid=8809
secure@microsoft.com http://osvdb.org/64731
secure@microsoft.com http://pcandmactech.blogspot.com/2009/12/irfanview-and-bsod.html
secure@microsoft.com http://secunia.com/advisories/39577 Vendor Advisory
secure@microsoft.com http://www.microsoft.com/technet/security/advisory/2028859.mspx
secure@microsoft.com http://www.securityfocus.com/bid/40237
secure@microsoft.com http://www.us-cert.gov/cas/techalerts/TA10-194A.html US Government Resource
secure@microsoft.com http://www.vupen.com/english/advisories/2010/1178 Vendor Advisory
secure@microsoft.com https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-043
secure@microsoft.com https://exchange.xforce.ibmcloud.com/vulnerabilities/58622
secure@microsoft.com https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7195
af854a3a-2127-422b-91ae-364da2661108 http://blogs.technet.com/msrc/archive/2010/05/18/security-advisory-2028859-released.aspx
af854a3a-2127-422b-91ae-364da2661108 http://blogs.technet.com/srd/archive/2010/05/18/cdd-dll-vulnerability-difficult-to-exploit.aspx
af854a3a-2127-422b-91ae-364da2661108 http://en.irfanview-forum.de/vb/showthread.php?5647-V4-25-bluescreen-with-Windows-7-cdd-dll-win32k-sys
af854a3a-2127-422b-91ae-364da2661108 http://isc.sans.org/diary.html?storyid=8809
af854a3a-2127-422b-91ae-364da2661108 http://osvdb.org/64731
af854a3a-2127-422b-91ae-364da2661108 http://pcandmactech.blogspot.com/2009/12/irfanview-and-bsod.html
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/39577 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.microsoft.com/technet/security/advisory/2028859.mspx
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/40237
af854a3a-2127-422b-91ae-364da2661108 http://www.us-cert.gov/cas/techalerts/TA10-194A.html US Government Resource
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2010/1178 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-043
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/58622
af854a3a-2127-422b-91ae-364da2661108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7195
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:38:30.178Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.microsoft.com/technet/security/advisory/2028859.mspx"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://isc.sans.org/diary.html?storyid=8809"
          },
          {
            "name": "64731",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/64731"
          },
          {
            "name": "oval:org.mitre.oval:def:7195",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7195"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://en.irfanview-forum.de/vb/showthread.php?5647-V4-25-bluescreen-with-Windows-7-cdd-dll-win32k-sys"
          },
          {
            "name": "MS10-043",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-043"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blogs.technet.com/srd/archive/2010/05/18/cdd-dll-vulnerability-difficult-to-exploit.aspx"
          },
          {
            "name": "ms-win-irfanview-dos(58622)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58622"
          },
          {
            "name": "TA10-194A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA10-194A.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blogs.technet.com/msrc/archive/2010/05/18/security-advisory-2028859-released.aspx"
          },
          {
            "name": "39577",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39577"
          },
          {
            "name": "40237",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/40237"
          },
          {
            "name": "ADV-2010-1178",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1178"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://pcandmactech.blogspot.com/2009/12/irfanview-and-bsod.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-11-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service (reboot) or possibly execute arbitrary code via a crafted image file that triggers incorrect data parsing after user-mode data is copied to kernel mode, as demonstrated using \"Browse with Irfanview\" and certain actions on a folder containing a large number of thumbnail images in Resample mode, possibly related to the ATI graphics driver or win32k.sys, aka \"Canonical Display Driver Integer Overflow Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.microsoft.com/technet/security/advisory/2028859.mspx"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://isc.sans.org/diary.html?storyid=8809"
        },
        {
          "name": "64731",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/64731"
        },
        {
          "name": "oval:org.mitre.oval:def:7195",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7195"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://en.irfanview-forum.de/vb/showthread.php?5647-V4-25-bluescreen-with-Windows-7-cdd-dll-win32k-sys"
        },
        {
          "name": "MS10-043",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-043"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blogs.technet.com/srd/archive/2010/05/18/cdd-dll-vulnerability-difficult-to-exploit.aspx"
        },
        {
          "name": "ms-win-irfanview-dos(58622)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58622"
        },
        {
          "name": "TA10-194A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA10-194A.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blogs.technet.com/msrc/archive/2010/05/18/security-advisory-2028859-released.aspx"
        },
        {
          "name": "39577",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39577"
        },
        {
          "name": "40237",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/40237"
        },
        {
          "name": "ADV-2010-1178",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1178"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://pcandmactech.blogspot.com/2009/12/irfanview-and-bsod.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-3678",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service (reboot) or possibly execute arbitrary code via a crafted image file that triggers incorrect data parsing after user-mode data is copied to kernel mode, as demonstrated using \"Browse with Irfanview\" and certain actions on a folder containing a large number of thumbnail images in Resample mode, possibly related to the ATI graphics driver or win32k.sys, aka \"Canonical Display Driver Integer Overflow Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.microsoft.com/technet/security/advisory/2028859.mspx",
              "refsource": "CONFIRM",
              "url": "http://www.microsoft.com/technet/security/advisory/2028859.mspx"
            },
            {
              "name": "http://isc.sans.org/diary.html?storyid=8809",
              "refsource": "MISC",
              "url": "http://isc.sans.org/diary.html?storyid=8809"
            },
            {
              "name": "64731",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/64731"
            },
            {
              "name": "oval:org.mitre.oval:def:7195",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7195"
            },
            {
              "name": "http://en.irfanview-forum.de/vb/showthread.php?5647-V4-25-bluescreen-with-Windows-7-cdd-dll-win32k-sys",
              "refsource": "MISC",
              "url": "http://en.irfanview-forum.de/vb/showthread.php?5647-V4-25-bluescreen-with-Windows-7-cdd-dll-win32k-sys"
            },
            {
              "name": "MS10-043",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-043"
            },
            {
              "name": "http://blogs.technet.com/srd/archive/2010/05/18/cdd-dll-vulnerability-difficult-to-exploit.aspx",
              "refsource": "CONFIRM",
              "url": "http://blogs.technet.com/srd/archive/2010/05/18/cdd-dll-vulnerability-difficult-to-exploit.aspx"
            },
            {
              "name": "ms-win-irfanview-dos(58622)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58622"
            },
            {
              "name": "TA10-194A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA10-194A.html"
            },
            {
              "name": "http://blogs.technet.com/msrc/archive/2010/05/18/security-advisory-2028859-released.aspx",
              "refsource": "CONFIRM",
              "url": "http://blogs.technet.com/msrc/archive/2010/05/18/security-advisory-2028859-released.aspx"
            },
            {
              "name": "39577",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/39577"
            },
            {
              "name": "40237",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/40237"
            },
            {
              "name": "ADV-2010-1178",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1178"
            },
            {
              "name": "http://pcandmactech.blogspot.com/2009/12/irfanview-and-bsod.html",
              "refsource": "MISC",
              "url": "http://pcandmactech.blogspot.com/2009/12/irfanview-and-bsod.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-3678",
    "datePublished": "2010-05-14T19:24:00",
    "dateReserved": "2009-10-13T00:00:00",
    "dateUpdated": "2024-08-07T06:38:30.178Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-3678\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2010-05-14T19:30:01.203\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service (reboot) or possibly execute arbitrary code via a crafted image file that triggers incorrect data parsing after user-mode data is copied to kernel mode, as demonstrated using \\\"Browse with Irfanview\\\" and certain actions on a folder containing a large number of thumbnail images in Resample mode, possibly related to the ATI graphics driver or win32k.sys, aka \\\"Canonical Display Driver Integer Overflow Vulnerability.\\\"\"},{\"lang\":\"es\",\"value\":\"El desbordamiento de enteros en la biblioteca cdd.dll en el Controlador de Pantalla Can\u00f3nica (CDD) en Microsoft Windows Server 2008 R2 y Windows 7 en plataformas de 64 bits, cuando se instala el tema de Windows Aero, permite que los atacantes dependiendo del contexto causen  una denegaci\u00f3n de servicio (reinicio) o posiblemente ejecute c\u00f3digo arbitrario por medio de un archivo de imagen creado que activa el an\u00e1lisis de datos de manera inapropiada despu\u00e9s de que los datos de modo usuario se copien al modo kernel, como se demuestra al usar \\\"Browse with Irfanview\\\"  y ciertas acciones en una carpeta que contiene una gran cantidad de im\u00e1genes en miniatura en modo Resample, posiblemente relacionado con el controlador de gr\u00e1ficos ATI o win32k.sys, tambi\u00e9n se conoce como  \\\"Canonical Display Driver Integer Overflow Vulnerability.\\\"\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-189\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E33796DB-4523-4F04-B564-ADF030553D51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*\",\"matchCriteriaId\":\"95DC297F-06DB-4FB3-BFB6-7312C059E047\"}]}]}],\"references\":[{\"url\":\"http://blogs.technet.com/msrc/archive/2010/05/18/security-advisory-2028859-released.aspx\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://blogs.technet.com/srd/archive/2010/05/18/cdd-dll-vulnerability-difficult-to-exploit.aspx\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://en.irfanview-forum.de/vb/showthread.php?5647-V4-25-bluescreen-with-Windows-7-cdd-dll-win32k-sys\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://isc.sans.org/diary.html?storyid=8809\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://osvdb.org/64731\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://pcandmactech.blogspot.com/2009/12/irfanview-and-bsod.html\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/39577\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.microsoft.com/technet/security/advisory/2028859.mspx\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/bid/40237\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA10-194A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1178\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-043\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/58622\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7195\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://blogs.technet.com/msrc/archive/2010/05/18/security-advisory-2028859-released.aspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://blogs.technet.com/srd/archive/2010/05/18/cdd-dll-vulnerability-difficult-to-exploit.aspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://en.irfanview-forum.de/vb/showthread.php?5647-V4-25-bluescreen-with-Windows-7-cdd-dll-win32k-sys\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://isc.sans.org/diary.html?storyid=8809\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/64731\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://pcandmactech.blogspot.com/2009/12/irfanview-and-bsod.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/39577\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.microsoft.com/technet/security/advisory/2028859.mspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/40237\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA10-194A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1178\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-043\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/58622\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7195\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.