CVE-2010-0917

Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, might allow user-assisted remote attackers to execute arbitrary code via a long string in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution when the F1 key is pressed, a different vulnerability than CVE-2010-0483.
Severity
UNKNOWN
AV:N/AC:H/Au:N/C:C/I:C/A:C
Atk. Vector
NETWORK
Atk. Complexity
HIGH
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
VendorProductVersion
microsoftwindows_2000
*
microsoftwindows_2003_server
*
microsoftwindows_2003_server
*
microsoftwindows_server_2003
*
microsoftwindows_xp
*
microsoftwindows_xp
*
microsoftwindows_xp
-
𝑥
= Vulnerable software versions