CVE-2010-2729

EXPLOITED IN THE WILD

Microsoft Windows XP-7 - RCE

Title source: llm

Description

The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when printer sharing is enabled, does not properly validate spooler access permissions, which allows remote attackers to create files in a system directory, and consequently execute arbitrary code, by sending a crafted print request over RPC, as exploited in the wild in September 2010, aka "Print Spooler Service Impersonation Vulnerability."

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16361

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by jduck, hdm · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/smb/ms10_061_spoolss.rb

View Code ZIP pw:eip

References (2)

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-061

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7358

Scores

EPSS 0.8433

EPSS Percentile 99.3%

Details

VulnCheck KEV 2010-09-15

InTheWild.io 2019-02-26

CWE

CWE-20

Status published

Products (6)

microsoft/windows_7

microsoft/windows_server_2003

microsoft/windows_server_2008 (7 CPE variants)

microsoft/windows_server_2008 r2 (2 CPE variants)

microsoft/windows_vista (4 CPE variants)

microsoft/windows_xp (2 CPE variants)

Published Sep 15, 2010

Tracked Since Feb 18, 2026