What is CVE-2010-3973?

CVE-2010-3973 is a vulnerability in Microsoft Wmi_administrative_tools, classified under Code Injection. Published 2010-12-23.

Is CVE-2010-3973 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Microsoft Wmi_administrative_tools

CVE-2010-3973

The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddCon…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.827 (99.3th percentile) — read the EPSS interpretation.

Affected products

Microsoft Wmi_administrative_tools
N/a — versions n/a

Weakness classification (CWE)

CWE-94 — Code Injection

Public proof-of-concept exploits

rapid7/metasploit-framework

References

secure@microsoft.com (x_refsource_MISC)
ADV-2010-3301 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
oval:org.mitre.oval:def:12475 (x_refsource_OVAL, signature, vdb-entry)
VU#725596 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
secure@microsoft.com (Exploit, x_refsource_MISC)
MS11-027 (x_refsource_MS, vendor-advisory)
45546 (Exploit, vdb-entry, x_refsource_BID)
ms-wmi-wbemsingleview-ce(64250) (vdb-entry, x_refsource_XF)
15809 (Exploit, exploit, x_refsource_EXPLOIT-DB)
42693 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)

Frequently asked questions

What is CVE-2010-3973?: CVE-2010-3973 is a vulnerability in Microsoft Wmi_administrative_tools, classified under Code Injection. Published 2010-12-23.
Is CVE-2010-3973 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.