Published: 2011-01-23T05:26+00:00
Last Updated: 2011-01-23T05:26+00:00
JVNTR-2011-01
Microsoft Windows graphics engine thumbnail stack buffer overflow (CVE-2010-3970, JVNVU#106516)
Overview
Microsoft Windows contains a stack-based buffer overflow vulnerability in the graphics rendering engine, which may allow an attacker to execute arbitrary code.
Event Information
| Date (UTC) | Description |
| 2011-01-06 03:20 |
Microsoft Microsoft Security Advisory (2490606): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution Fix it (Modify the Access Control List on shimgvw.dll) published. |
| 2011-01-05 11:48 |
US-CERT Microsoft Releases Security Advisory US-CERT Current Activity Public notification for "Security Advisory (2490606) ". |
| 2011-01-04 22:07 |
Microsoft Microsoft Security Advisory (2490606): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution Security Advisory (2490606) published. |
| 2011-01-04 07:30 |
Metasploit Project Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow Vulnerability proof-of-concept code has been posted. Metasploit Penetration Testing Framework |
| 2011-01-04 |
SANS Internet Storm Center Microsoft Advisory: Vulnerability in Graphics Rendering Engine |
| 2010-12-15 |
A Story about How Hackers' Heart Broken by 0-day Vulnerability related information disclosed. |
Other Information
| CVE |
CVE-2010-3970 |