Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantiation, which allows remote attackers to execute arbitrary code via a crafted file, aka "COM Validation Vulnerability."

According to the version number obtained by NTLM the remote host has Windows Server 2008 installed. The host may be vulnerable to a number of vulnerabilities including remote unauthenticated code execution.

The remote windows host contains a version of the Windows Shell or the WordPad text editor that contains a vulnerability in the way it handles shortcut files.

An attacker, exploiting this flaw, can execute arbitrary commands on the remote host subject to the privileges of the user opening the file.

The remote host contains a vulnerable version of Microsoft Office 2003 or 2007. Opening a specially crafted Office file can result in arbitrary code execution. A remote attacker can exploit this by tricking a user into opening a specially crafted Office file.

ID	Name	Product	Family	Severity
108811	Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS)	Nessus	Windows	critical
49960	MS10-083: Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882)	Nessus	Windows : Microsoft Bulletins	high
46843	MS10-036: Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution (983235)	Nessus	Windows : Microsoft Bulletins	high

Detections

Analytics

CVE-2010-1263

high

Tenable Plugins

critical

high

high