This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote host through the
installed VBScript Scripting Engine.
The installed version of the VBScript Scripting Engine allows an
attacker to specify a Help file location when displaying a dialog box
on a web page. If a user can be tricked into pressing the F1 key
while such a dialog box is being displayed, an attacker can leverage
this to cause the Windows Help System to load a specially crafted Help
file, resulting in execution of arbitrary code subject to the user's
See also :
Microsoft has released a set of patches for Windows 2000, XP, 2003,
Vista, 2008, 7, and 2008 R2.
Risk factor :
High / CVSS Base Score : 7.6
CVSS Temporal Score : 6.3
Public Exploit Available : true
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 45509 ()
Bugtraq ID: 38463
CVE ID: CVE-2010-0483
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.