製品・ソフトウェアに関する情報

JVN脆弱性詳細

Microsoft Windows Help and Support Center に脆弱性

Title	Microsoft Windows Help and Support Center に脆弱性
Summary	Microsoft Windows の Help and Support Center には、hcp:// URI の処理に起因する脆弱性が存在します。 Help and Support Center ドキュメントに存在するクロスサイトスクリプティングの脆弱性を使用することで、任意のスクリプトを挿入される可能性があります。
Possible impacts	細工された hcp:// URI を処理させることで、遠隔の第三者によって、ユーザの権限で任意のコマンドを実行される可能性があります。
Solution	[アップデートする] Microsoft が提供する情報をもとにアップデートを行ってください。 [ワークアラウンドを実施する] 本脆弱性の影響を軽減する回避策については、ベンダが提供する情報をご確認ください。
Publication Date	June 10, 2010, midnight
Registration Date	July 5, 2010, 5:52 p.m.
Last Update	July 23, 2010, 6:55 p.m.

Affected System

マイクロソフト

Microsoft Windows Server 2003

Microsoft Windows Server 2003 (itanium)

Microsoft Windows Server 2003 (x64)

Microsoft Windows XP (x64)

Microsoft Windows XP sp3

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2010-1885	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1885
National Vulnerability Database (NVD)
2	CVE-2010-1885	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1885

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-78	https://jvndb.jvn.jp/ja/cwe/CWE-78.html

ベンダー情報

No	Name	URL
Microsoft Security Advisory
1	2219475	http://www.microsoft.com/technet/security/advisory/2219475.mspx
Microsoft Security Bulletin
2	MS10-042	http://www.microsoft.com/technet/security/bulletin/MS10-042.mspx
マイクロソフトセキュリティアドバイザリ
3	2219475	http://www.microsoft.com/japan/technet/security/advisory/2219475.mspx
マイクロソフトセキュリティ情報
4	MS10-042	http://www.microsoft.com/japan/technet/security/bulletin/ms10-042.mspx
富士通セキュリティ情報
5	TA10-194A	http://software.fujitsu.com/jp/security/vulnerabilities/ta10-194a.html
絵でみるセキュリティ情報
6	MS10-042e	http://www.microsoft.com/japan/security/bulletins/MS10-042e.mspx

その他

No	Name	URL
IPA 緊急対策情報
1	20100705-windows	http://www.ipa.go.jp/security/ciadr/vul/20100705-windows.html
ISS X-Force Database
2	59267	http://xforce.iss.net/xforce/xfdb/59267
JPCERT 緊急報告
3	JPCERT-AT-2010-0016	http://www.jpcert.or.jp/at/2010/at100016.txt
4	JPCERT-AT-2010-0018	http://www.jpcert.or.jp/at/2010/at100018.txt
JVN
5	JVNTA10-194A	http://jvn.jp/cert/JVNTA10-194A/
6	JVNVU#578319	http://jvn.jp/cert/JVNVU578319/
JVN Status Tracking Notes
7	JVNTR-2010-19	http://jvn.jp/tr/JVNTR-2010-19/
Secunia Advisory
8	SA40076	http://secunia.com/advisories/40076
SecurityFocus
9	40725	http://www.securityfocus.com/bid/40725
SecurityTracker
10	1024084	http://www.securitytracker.com/id?1024084
US-CERT Cyber Security Alerts
11	SA10-194A	http://www.us-cert.gov/cas/alerts/SA10-194A.html
US-CERT Technical Cyber Security Alert
12	TA10-194A	http://www.us-cert.gov/cas/techalerts/TA10-194A.html
US-CERT Vulnerability Note
13	VU#578319	http://www.kb.cert.org/vuls/id/578319
VUPEN Security
14	VUPEN/ADV-2010-1417	http://www.vupen.com/english/advisories/2010/1417
警察庁 @police
15	マイクロソフト社のセキュリティ修正プログラムについて(MS10-042,043,044,045)	http://www.npa.go.jp/cyberpolice/topics/?seq=4026

Change Log

No	Changed Details	Date of change
0	[2010年07月05日] 掲載 [2010年07月23日] ベンダ情報：マイクロソフト (MS10-042) を追加ベンダ情報：富士通 (TA10-194A) を追加	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2010-1885

Summary	The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist (fromHCP option) and execute arbitrary commands via a crafted hcp:// URL, aka "Help Center URL Validation Vulnerability."
Summary	Per: http://blogs.technet.com/b/msrc/archive/2010/06/10/windows-help-vulnerability-disclosure.aspx "customers running Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2, are not vulnerable to this issue, or at risk of attack."
Publication Date	June 15, 2010, 11:04 p.m.
Registration Date	Jan. 29, 2021, 11:01 a.m.
Last Update	Feb. 26, 2019, 11:04 p.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:microsoft:windows_2003_server::sp2::::::*
cpe:2.3:o:microsoft:windows_2003_server::sp2:itanium:::::
cpe:2.3:o:microsoft:windows_server_2003::sp2::::::*
cpe:2.3:o:microsoft:windows_xp::sp2::::::*
cpe:2.3:o:microsoft:windows_xp::sp3::::::*
cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0197.html	FULLDISC	Exploit
2	http://blogs.technet.com/b/msrc/archive/2010/06/10/windows-help-vulnerability-disclosure.aspx	MISC
3	http://blogs.technet.com/b/srd/archive/2010/06/10/help-and-support-center-vulnerability-full-disclosure-posting.aspx	CONFIRM	Vendor Advisory
4	http://secunia.com/advisories/40076	SECUNIA	Vendor Advisory
5	http://www.exploit-db.com/exploits/13808	EXPLOIT-DB
6	http://www.kb.cert.org/vuls/id/578319	CERT-VN	US Government Resource
7	http://www.microsoft.com/technet/security/advisory/2219475.mspx	CONFIRM	Vendor Advisory
8	http://www.securityfocus.com/archive/1/511774/100/0/threaded	BUGTRAQ
9	http://www.securityfocus.com/archive/1/511783/100/0/threaded	BUGTRAQ
10	http://www.securityfocus.com/bid/40725	BID	Exploit
11	http://www.securitytracker.com/id?1024084	SECTRACK
12	http://www.us-cert.gov/cas/techalerts/TA10-194A.html	CERT	US Government Resource
13	http://www.vupen.com/english/advisories/2010/1417	VUPEN	Vendor Advisory
14	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-042	MS
15	https://exchange.xforce.ibmcloud.com/vulnerabilities/59267	XF
16	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11733	OVAL

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-78	OSコマンド・インジェクション	https://cwe.mitre.org/data/definitions/78.html

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:microsoft:windows_2003_server::sp2::::::*
cpe:2.3:o:microsoft:windows_2003_server::sp2:itanium:::::
cpe:2.3:o:microsoft:windows_server_2003::sp2::::::*
cpe:2.3:o:microsoft:windows_xp::sp2::::::*
cpe:2.3:o:microsoft:windows_xp::sp3::::::*
cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:::::*