NVD

Id
14022  
Name
CVE-2010-2566  
Description
The Secure Channel (aka SChannel) security package in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, does not properly validate certificate request messages from TLS and SSL servers, which allows remote servers to execute arbitrary code via a crafted SSL response, aka "SChannel Malformed Certificate Request Remote Code Execution Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2010-08-11  
Modified Date
2010-09-17  
Seq
2010-2566  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
77669 14022 CVE-2010-2566 oval:org.mitre.oval:def:11787  View
77670 14022 CVE-2010-2566 MS10-049  View
77671 14022 CVE-2010-2566 TA10-222A  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
36129 JVNDB-2010-001909 Microsoft Windows の Secure Channel における任意のコードを実行される脆弱性 Microsoft Windows の Secure Channel には、TLS および SSL サーバーからのリクエストメッセージを適切に検証しないため、任意のコードを実行される脆弱性が存在します。 CVE-2010-2566 45146 CVE-2010-2566 14022 9.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001909.html 2010-08-10 2010-08-31 View