QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2010-0483

Back to search

CVE-2010-0483

Published: Mar 3, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a crafted .hlp file in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution involving winhlp32.exe when the F1 key is pressed, aka "VBScript Help Keypress Vulnerability."

VendorProductVersions

n/a

n/a

affected
n/a

References

oval:org.mitre.oval:def:7170
vdb-entry
signature
x_refsource_OVAL
MS10-022
vendor-advisory
x_refsource_MS
VU#612021
third-party-advisory
x_refsource_CERT-VN
62632
vdb-entry
x_refsource_OSVDB
ADV-2010-0485
vdb-entry
x_refsource_VUPEN
38463
vdb-entry
x_refsource_BID
oval:org.mitre.oval:def:8654
vdb-entry
signature
x_refsource_OVAL
1023668
vdb-entry
x_refsource_SECTRACK
TA10-103A
third-party-advisory
x_refsource_CERT
38727
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now