What is CVE-2010-2553?

CVE-2010-2553 is a vulnerability in Microsoft Windows_7, classified under Code Injection. Published 2010-08-11.

Is CVE-2010-2553 known to be exploited?

6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Microsoft Windows_7

CVE-2010-2553

The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Cinepak Codec Decomp…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.684 (98.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

CWE-94 — Code Injection

Public proof-of-concept exploits

References

MS10-055 (x_refsource_MS, vendor-advisory)
TA10-222A (US Government Resource, x_refsource_CERT, third-party-advisory)
oval:org.mitre.oval:def:11773 (x_refsource_OVAL, signature, vdb-entry)

Frequently asked questions

What is CVE-2010-2553?: CVE-2010-2553 is a vulnerability in Microsoft Windows_7, classified under Code Injection. Published 2010-08-11.
Is CVE-2010-2553 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.