<< Back
CVE Number Vulnerability Product Severity Date
MS10-021 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683) VBScript 5.1 Critical 14-04-2010

Technical Information

Brief overview of the risk:
This security update resolves a publicly disclosed vulnerability in VBScript on Microsoft Windows that could allow remote code execution.
Detailed Information on the risk:

A remote code execution vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer. If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, the Windows Help System would be started with a Windows Help File provided by the attacker. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.

Further information on this exploit is available at : MS10-022

Affected Software

VBScript 5.1
VBScript 5.6
VBScript 5.7
VBScript 5.8