CVE

Id
46083  
CVE No.
CVE-2010-3499  
Status
Candidate  
Description
F-Secure Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution. NOTE: the researcher indicates that a vendor response was received, stating that "the inability to catch these files are caused by lacking functionality rather than programming errors."  
Phase
Assigned (20100924)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
501212 46083 CVE-2010-3499 BUGTRAQ:20101018 Antivirus detection after malware execution  View
501213 46083 CVE-2010-3499 URL:http://www.securityfocus.com/archive/1/514356  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
36450 JVNDB-2010-002230 Oracle Solaris における su の処理に関する脆弱性 Oracle Solaris には、su に関する処理に不備があるため、機密性および完全性に影響のある脆弱性が存在します。 CVE-2010-3503 46083 6.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002230.html  View