Vulnerability Details CVE-2010-3889
Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified by Microsoft researchers and other researchers.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.2%
CVSS Severity
CVSS v2 Score 7.2
References
- http://www.computerworld.com/s/article/9185919/Is_Stuxnet_the_best_malware_ever_
- http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2010/20100716-%281%29
- http://www.securelist.com/en/blog/2291/Myrtus_and_Guava_Episode_MS10_061
- http://www.symantec.com/connect/blogs/stuxnet-using-three-additional-zero-day-vulnerabilities
- http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute7.xml
- http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute8.xml
- http://www.computerworld.com/s/article/9185919/Is_Stuxnet_the_best_malware_ever_
- http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2010/20100716-%281%29
- http://www.securelist.com/en/blog/2291/Myrtus_and_Guava_Episode_MS10_061
- http://www.symantec.com/connect/blogs/stuxnet-using-three-additional-zero-day-vulnerabilities
- http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute7.xml
- http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute8.xml
Products affected by CVE-2010-3889
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:microsoft:windows:1.0
-
cpe:2.3:o:microsoft:windows:2.0
-
cpe:2.3:o:microsoft:windows:2000
-
cpe:2.3:o:microsoft:windows:3.0
-
cpe:2.3:o:microsoft:windows:3.1
-
cpe:2.3:o:microsoft:windows:3.11
-
cpe:2.3:o:microsoft:windows:server_2008
-
cpe:2.3:o:microsoft:windows:vista