CVE-2010-0917

Microsoft Windows 2000 SP4, XP SP2-SP3, Server 2003 SP2 - Stack-based Buffer Overflow via MsgBox Helpfile Argument

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, might allow user-assisted remote attackers to execute arbitrary code via a long string in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution when the F1 key is pressed, a different vulnerability than CVE-2010-0483.

References (7)

Core 7

Scores

EPSS 0.2432
EPSS Percentile 97.6%

Details

CWE
CWE-119
Status published
Products (4)
microsoft/windows_2000
microsoft/windows_2003_server (2 CPE variants)
microsoft/windows_server_2003
microsoft/windows_xp (3 CPE variants)
Published Mar 03, 2010
Tracked Since Feb 18, 2026