What is CVE-2010-3147?

CVE-2010-3147 is a vulnerability in Microsoft Outlook_express. Published 2010-08-27.

Is CVE-2010-3147 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Outlook_express

CVE-2010-3147

Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows loca…

EPSS: 0.187 (96.9th percentile) — read the EPSS interpretation.

Affected products

Microsoft Outlook_express — versions 6.00.2900.5512
Microsoft Windows_2003_server
Microsoft Windows_7
Microsoft Windows_server_2003
Microsoft Windows_server_2008
Microsoft Windows_vista
Microsoft Windows_xp
N/a — versions n/a

Public proof-of-concept exploits

References

cve@mitre.org (US Government Resource, x_refsource_CERT, third-party-advisory)
cve@mitre.org (Exploit, exploit, x_refsource_EXPLOIT-DB)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_MS, vendor-advisory)
cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (signature, x_refsource_OVAL, vdb-entry)

Frequently asked questions

What is CVE-2010-3147?: CVE-2010-3147 is a vulnerability in Microsoft Outlook_express. Published 2010-08-27.
Is CVE-2010-3147 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.