CVE-2010-2746
Microsoft Windows XP-7 - Buffer Overflow
Title source: llmDescription
Heap-based buffer overflow in Comctl32.dll (aka the common control library) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when a third-party SVG viewer is used, allows remote attackers to execute arbitrary code via a crafted HTML document that triggers unspecified messages from this viewer, aka "Comctl32 Heap Overflow Vulnerability."
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Nephi Johnson · rubyremotewindows
https://www.exploit-db.com/exploits/15963
References (4)
Scores
EPSS
0.7372
EPSS Percentile
98.8%
Details
CWE
CWE-119
Status
published
Products (7)
microsoft/windows_2003_server
microsoft/windows_7
(2 CPE variants)
microsoft/windows_server_2003
microsoft/windows_server_2008
(6 CPE variants)
microsoft/windows_server_2008
r2 (2 CPE variants)
microsoft/windows_vista
(2 CPE variants)
microsoft/windows_xp
(2 CPE variants)
Published
Oct 13, 2010
Tracked Since
Feb 18, 2026