CVE-2010-3888

EXPLOITED IN THE WILD

Microsoft Windows - Privilege Escalation

Title source: llm

Description

Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified by Kaspersky Lab researchers and other researchers.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/19930

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by webDEViL · localwindows

https://www.exploit-db.com/exploits/15589

View Code ZIP pw:eip

References (6)

[Various Sources] http://www.computerworld.com/s/article/9185919/Is_Stuxnet_the_best_malware_ever_

[Various Sources] http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2010/20100716

[Various Sources] http://www.securelist.com/en/blog/2291/Myrtus_and_Guava_Episode_MS10_061

[Third Party Advisory] http://www.symantec.com/connect/blogs/stuxnet-using-three-additional-zero-day-vulnerabilities

[Various Sources] http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute7.xml

[Various Sources] http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute8.xml

Scores

EPSS 0.0103

EPSS Percentile 77.4%

Details

VulnCheck KEV 2010-10-08

InTheWild.io 2010-10-11

Status published

Products (1)

microsoft/windows

Published Oct 08, 2010

Tracked Since Feb 18, 2026