CVE-2010-0478

Microsoft Windows 2000 - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in nsum.exe in the Windows Media Unicast Service in Media Services for Microsoft Windows 2000 Server SP4 allows remote attackers to execute arbitrary code via crafted packets associated with transport information, aka "Media Services Stack-based Buffer Overflow Vulnerability."

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16333

View Code ZIP pw:eip

metasploit WORKING POC GREAT

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/mmsp/ms10_025_wmss_connect_funnel.rb

View Code ZIP pw:eip

References (3)

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA10-103A.html

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-025

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7001

Scores

EPSS 0.8167

EPSS Percentile 99.2%

Details

CWE

CWE-119

Status published

Products (1)

microsoft/windows_2000

Published Apr 14, 2010

Tracked Since Feb 18, 2026