← back
CVE-2010-3973

CVE-2010-3973

EPSS 71.7%
Vexday Risk Score
60Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 71.7%KEV nãoPoC públicaNuclei Metasploit simPatch referenciado
Lifecycle
21 Dec 2010Metasploit module available
22 Dec 2010Public PoC
23 Dec 2010Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddContextRef method, possibly an untrusted pointer dereference, aka "Microsoft WMITools ActiveX Control Vulnerability."
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.