MS10-019: Vulnerabilities in Windows Could Allow Remote Code Execution (981210)

This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.

Synopsis :

The remote Windows host has multiple code execution vulnerabilities.

Description :

The version of Windows running on the remote host has vulnerabilities
in the Windows Authenticode Signature mechanism. Modifying an
existing signed executable or cabinet file can result in arbitrary
code execution.

A remote attacker could exploit this by tricking a user into executing
or opening a maliciously crafted file, resulting in arbitrary code

See also :

Solution :

Microsoft has released a set of patches for Windows 2000, XP, 2003,
Vista, 2008, 7, and 2008 R2.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 45506 ()

Bugtraq ID: 39328

CVE ID: CVE-2010-0486