Vulnerabilities > CVE-2010-0252 - Code Injection vulnerability in Microsoft products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
microsoft
CWE-94
nessus
NVD
Published: 2010-02-10
Updated: 2023-12-07

Summary

The Microsoft Data Analyzer ActiveX control (aka the Office Excel ActiveX control for Data Analysis) in max3activex.dll in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted web page that corrupts the "system state," aka "Microsoft Data Analyzer ActiveX Control Vulnerability."

Vulnerable Configurations

Part Description Count
OS
Microsoft
20

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Leverage Executable Code in Non-Executable Files
    An attack of this type exploits a system's trust in configuration and resource files, when the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high. The attack can be directed at a client system, such as causing buffer overrun through loading seemingly benign image files, as in Microsoft Security Bulletin MS04-028 where specially crafted JPEG files could cause a buffer overrun once loaded into the browser. Another example targets clients reading pdf files. In this case the attacker simply appends javascript to the end of a legitimate url for a pdf (http://www.gnucitizen.org/blog/danger-danger-danger/) http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here The client assumes that they are reading a pdf, but the attacker has modified the resource and loaded executable javascript into the client's browser process. The attack can also target server processes. The attacker edits the resource or configuration file, for example a web.xml file used to configure security permissions for a J2EE app server, adding role name "public" grants all users with the public role the ability to use the administration functionality. The server trusts its configuration file to be correct, but when they are manipulated, the attacker gains full control.
  • Manipulating User-Controlled Variables
    This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An attacker can override environment variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the attacker can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.

Msbulletin

  • bulletin_idMS10-034
    bulletin_url
    date2010-06-08T00:00:00
    impactRemote Code Execution
    knowledgebase_id980195
    knowledgebase_url
    severityCritical
    titleCumulative Security Update of ActiveX Kill Bits
  • bulletin_idMS10-008
    bulletin_url
    date2010-02-09T00:00:00
    impactRemote Code Execution
    knowledgebase_id978262
    knowledgebase_url
    severityCritical
    titleCumulative Security Update of ActiveX Kill Bits

Nessus

  • NASL familyWindows : Microsoft Bulletins
    NASL idSMB_NT_MS10-034.NASL
    descriptionThe Microsoft Data Analyzer ActiveX control has a remote code execution vulnerability. The system may also have one or more vulnerable third-party ActiveX controls installed. A remote attacker could exploit these issues by tricking a user into requesting a maliciously crafted web page, resulting in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id46841
    published2010-06-09
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/46841
    titleMS10-034: Cumulative Security Update of ActiveX Kill Bits (980195)
  • NASL familyWindows : Microsoft Bulletins
    NASL idSMB_NT_MS10-008.NASL
    descriptionThe Microsoft Data Analyzer ActiveX control has a remote code execution vulnerability. The system may also have one or more vulnerable third-party ActiveX controls installed. A remote attacker could exploit these issues by tricking a user into requesting a maliciously crafted web page, resulting in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id44418
    published2010-02-09
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44418
    titleMS10-008: Cumulative Security Update of ActiveX Kill Bits (978262)

Oval

accepted2014-05-05T04:00:33.271-04:00
classvulnerability
contributors
  • nameDragos Prisaca
    organizationSymantec Corporation
  • nameJosh Turpin
    organizationSymantec Corporation
  • nameDragos Prisaca
    organizationSymantec Corporation
  • nameMaria Mikhno
    organizationALTX-SOFT
definition_extensions
  • commentMicrosoft Windows 2000 SP4 or later is installed
    ovaloval:org.mitre.oval:def:229
  • commentMicrosoft Windows XP (x86) SP2 is installed
    ovaloval:org.mitre.oval:def:754
  • commentMicrosoft Windows XP (x86) SP3 is installed
    ovaloval:org.mitre.oval:def:5631
  • commentMicrosoft Windows XP x64 Edition SP2 is installed
    ovaloval:org.mitre.oval:def:4193
  • commentMicrosoft Windows Server 2003 SP2 (x64) is installed
    ovaloval:org.mitre.oval:def:2161
  • commentMicrosoft Windows Server 2003 SP2 (x86) is installed
    ovaloval:org.mitre.oval:def:1935
  • commentMicrosoft Windows Server 2003 (ia64) SP2 is installed
    ovaloval:org.mitre.oval:def:1442
  • commentMicrosoft Windows Vista (32-bit) is installed
    ovaloval:org.mitre.oval:def:1282
  • commentMicrosoft Windows Vista x64 Edition is installed
    ovaloval:org.mitre.oval:def:2041
  • commentMicrosoft Windows Vista (32-bit) Service Pack 1 is installed
    ovaloval:org.mitre.oval:def:4873
  • commentMicrosoft Windows Vista x64 Edition Service Pack 1 is installed
    ovaloval:org.mitre.oval:def:5254
  • commentMicrosoft Windows Server 2008 (32-bit) is installed
    ovaloval:org.mitre.oval:def:4870
  • commentMicrosoft Windows Server 2008 (64-bit) is installed
    ovaloval:org.mitre.oval:def:5356
  • commentMicrosoft Windows Server 2008 (ia-64) is installed
    ovaloval:org.mitre.oval:def:5667
  • commentMicrosoft Windows Vista (32-bit) Service Pack 2 is installed
    ovaloval:org.mitre.oval:def:6124
  • commentMicrosoft Windows Vista x64 Edition Service Pack 2 is installed
    ovaloval:org.mitre.oval:def:5594
  • commentMicrosoft Windows Server 2008 (32-bit) Service Pack 2 is installed
    ovaloval:org.mitre.oval:def:5653
  • commentMicrosoft Windows Server 2008 x64 Edition Service Pack 2 is installed
    ovaloval:org.mitre.oval:def:6216
  • commentMicrosoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed
    ovaloval:org.mitre.oval:def:6150
  • commentMicrosoft Windows 7 (32-bit) is installed
    ovaloval:org.mitre.oval:def:6165
  • commentMicrosoft Windows 7 x64 Edition is installed
    ovaloval:org.mitre.oval:def:5950
  • commentMicrosoft Windows Server 2008 R2 x64 Edition is installed
    ovaloval:org.mitre.oval:def:6438
  • commentMicrosoft Windows Server 2008 R2 Itanium-Based Edition is installed
    ovaloval:org.mitre.oval:def:5954
descriptionThe Microsoft Data Analyzer ActiveX control (aka the Office Excel ActiveX control for Data Analysis) in max3activex.dll in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted web page that corrupts the "system state," aka "Microsoft Data Analyzer ActiveX Control Vulnerability."
familywindows
idoval:org.mitre.oval:def:8424
statusaccepted
submitted2010-02-08T13:00:00
titleMicrosoft Data Analyzer ActiveX Control Vulnerability
version28

Seebug

  • bulletinFamilyexploit
    descriptionBUGTRAQ ID: 38045 CVE ID: CVE-2010-0252 Microsoft Data Analyzer ActiveX控件允许从基于COM的开发应用程序(如Visual Basic)以编程方式控制Data Analyzer。 在Internet Explorer中实例化Microsoft Data Analyzer ActiveX控件(max3activex.dll)时,该控件可能会破坏栈状态,导致执行任意代码。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP2 Microsoft Windows Vista SP1 Microsoft Windows Vista Microsoft Windows Server 2008 SP2 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2008 Microsoft Windows Server 2003 SP2 Microsoft Windows 7 Microsoft Windows 2000SP4 临时解决方法: * 将Internet Explorer配置为在Internet和本地Intranet安全区域中运行ActiveX控件和活动脚本之前进行提示。 * 将Internet 和本地Intranet安全区域设置设为“高”,以便在这些区域中运行ActiveX控件和活动脚本之前进行提示。 * 禁止在Internet Explorer中运行COM对象。 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS10-008)以及相应补丁: MS10-008:Cumulative Security Update of ActiveX Kill Bits (978262) 链接:http://www.microsoft.com/technet/security/Bulletin/MS10-008.mspx?pf=true
    idSSV:19149
    last seen2017-11-19
    modified2010-02-20
    published2010-02-20
    reporterRoot
    titleMicrosoft Data Analyzer ActiveX控件栈破坏漏洞(MS10-008)
  • bulletinFamilyexploit
    descriptionBugraq ID: 38045 CVE ID:CVE-2010-0252 CNCVE ID:CNCVE-20100252 Microsoft Data Analyzer是一款用于Microsoft Office的数据分析软件。 Microsoft Data Analyzer ActiveX control (max3activex.dll)存在一个未明错误,构建恶意WEB页,诱使用户访问,可导致系统状态破坏,执行任意代码。 Microsoft Windows XP Tablet PC Edition SP3 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP Professional x64 Edition SP3 Microsoft Windows XP Professional x64 Edition SP2 Microsoft Windows XP Professional x64 Edition Microsoft Windows XP Professional SP3 Microsoft Windows XP Professional SP2 Microsoft Windows XP Professional SP1 Microsoft Windows XP Professional Microsoft Windows XP Media Center Edition SP3 Microsoft Windows XP Media Center Edition SP2 Microsoft Windows XP Media Center Edition SP1 Microsoft Windows XP Media Center Edition Microsoft Windows XP Home SP3 Microsoft Windows XP Home SP2 Microsoft Windows XP Home SP1 Microsoft Windows XP 64-bit Edition SP1 Microsoft Windows XP 64-bit Edition Microsoft Windows XP 0 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Vista x64 Edition SP1 Microsoft Windows Vista x64 Edition 0 Microsoft Windows Vista Ultimate 64-bit edition SP2 Microsoft Windows Vista Ultimate 64-bit edition SP1 Microsoft Windows Vista Ultimate 64-bit edition 0 Microsoft Windows Vista Home Premium 64-bit edition SP2 Microsoft Windows Vista Home Premium 64-bit edition SP1 Microsoft Windows Vista Home Premium 64-bit edition 0 Microsoft Windows Vista Home Basic 64-bit edition SP2 Microsoft Windows Vista Home Basic 64-bit edition SP1 Microsoft Windows Vista Home Basic 64-bit edition 0 Microsoft Windows Vista Enterprise 64-bit edition SP2 Microsoft Windows Vista Enterprise 64-bit edition SP1 Microsoft Windows Vista Enterprise 64-bit edition 0 Microsoft Windows Vista Business 64-bit edition SP2 Microsoft Windows Vista Business 64-bit edition SP1 Microsoft Windows Vista Business 64-bit edition 0 Microsoft Windows Vista Ultimate SP2 Microsoft Windows Vista Ultimate SP1 Microsoft Windows Vista Ultimate Microsoft Windows Vista SP2 Microsoft Windows Vista SP1 Microsoft Windows Vista Home Premium SP2 Microsoft Windows Vista Home Premium SP1 Microsoft Windows Vista Home Premium Microsoft Windows Vista Home Basic SP2 Microsoft Windows Vista Home Basic SP1 Microsoft Windows Vista Home Basic Microsoft Windows Vista Enterprise SP2 Microsoft Windows Vista Enterprise SP1 Microsoft Windows Vista Business SP2 Microsoft Windows Vista Business SP1 Microsoft Windows Vista Business Microsoft Windows Vista 0 Microsoft Windows Server 2008 Standard Edition SP2 Microsoft Windows Server 2008 Standard Edition Release Candidate Microsoft Windows Server 2008 Standard Edition 0 Microsoft Windows Server 2008 R2 Datacenter 0 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems R2 Microsoft Windows Server 2008 for x64-based Systems 0 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems R2 Microsoft Windows Server 2008 for Itanium-based Systems 0 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems 0 Microsoft Windows Server 2008 Enterprise Edition SP2 Microsoft Windows Server 2008 Enterprise Edition 0 Microsoft Windows Server 2008 Datacenter Edition SP2 Microsoft Windows Server 2008 Datacenter Edition 0 Microsoft Windows Server 2003 x64 SP2 Microsoft Windows Server 2003 x64 SP1 Microsoft Windows Server 2003 Web Edition SP2 Microsoft Windows Server 2003 Web Edition SP1 Microsoft Windows Server 2003 Web Edition Microsoft Windows Server 2003 Standard Edition SP2 Microsoft Windows Server 2003 Standard Edition SP1 Microsoft Windows Server 2003 Standard Edition Microsoft Windows Server 2003 Itanium SP2 Microsoft Windows Server 2003 Itanium SP1 Microsoft Windows Server 2003 Itanium 0 Microsoft Windows Server 2003 Enterprise Edition Itanium SP1 Microsoft Windows Server 2003 Enterprise Edition Itanium 0 Microsoft Windows Server 2003 Enterprise Edition SP1 Microsoft Windows Server 2003 Enterprise Edition Microsoft Windows Server 2003 Datacenter x64 Edition Microsoft Windows Server 2003 Datacenter Edition Itanium SP1 Microsoft Windows Server 2003 Datacenter Edition Itanium 0 Microsoft Windows Server 2003 Datacenter Edition SP1 Microsoft Windows Server 2003 Datacenter Edition Microsoft Windows 7 for x64-based Systems 0 Microsoft Windows 7 for 32-bit Systems 0 Microsoft Windows 2000 Server SP4 Microsoft Windows 2000 Server SP3 Microsoft Windows 2000 Server SP2 Microsoft Windows 2000 Server SP1 Microsoft Windows 2000 Server + Avaya DefinityOne Media Servers + Avaya IP600 Media Servers + Avaya S3400 Message Application Server 0 + Avaya S8100 Media Servers 0 Microsoft Windows 2000 Professional SP4 Microsoft Windows 2000 Professional SP3 Microsoft Windows 2000 Professional SP2 Microsoft Windows 2000 Professional SP1 Microsoft Windows 2000 Professional Microsoft Windows 2000 Datacenter Server SP4 Microsoft Windows 2000 Datacenter Server SP3 Microsoft Windows 2000 Datacenter Server SP2 Microsoft Windows 2000 Datacenter Server SP1 Microsoft Windows 2000 Datacenter Server Microsoft Windows 2000 Advanced Server SP4 Microsoft Windows 2000 Advanced Server SP3 Microsoft Windows 2000 Advanced Server SP2 Microsoft Windows 2000 Advanced Server SP1 Microsoft Windows 2000 Advanced Server Avaya Messaging Application Server MM 3.1 Avaya Messaging Application Server MM 3.0 Avaya Messaging Application Server MM 2.0 Avaya Messaging Application Server MM 1.1 Avaya Messaging Application Server 0 Avaya Meeting Exchange - Webportal 0 Avaya Meeting Exchange - Web Conferencing Server 0 Avaya Meeting Exchange - Streaming Server 0 Avaya Meeting Exchange - Recording Server 0 Avaya Meeting Exchange - Client Registration Server 0 3DM Software Disk Management Software SP2 3DM Software Disk Management Software SP1 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息: Microsoft Windows XP Media Center Edition SP2 Microsoft Cumulative Security Update for ActiveX Killbits for Windows XP (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=8c3f2e81-c0ea -494a-a47c-4f8982effb49 Microsoft Cumulative Security Update for ActiveX Killbits for Windows XP (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=7bcf3945-0552 -478e-b7f3-bbca97dd1b5d Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Server 2008 (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=a06b9f42-47ac -4ff2-ac32-e4958cdb611e Microsoft Cumulative Security Update for ActiveX Killbits for Windows Server 2008 (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=9a85b1bf-7427 -47d0-9e1b-21dbe824a62c Microsoft Windows Server 2008 for x64-based Systems R2 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Server 2008 R2 x64 Edition (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=901f7c89-02af -4f87-8592-dad318997d77 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Server 2008 R2 x64 Edition (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=cda31c54-8b81 -4185-a623-64480ad4b73c Microsoft Windows Vista x64 Edition 0 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Vista for x64-based Systems (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=f349f7aa-d020 -4e0d-a35f-518a63ec92df Microsoft Windows XP Tablet PC Edition SP2 Microsoft Cumulative Security Update for ActiveX Killbits for Windows XP (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=7bcf3945-0552 -478e-b7f3-bbca97dd1b5d Microsoft Cumulative Security Update for ActiveX Killbits for Windows XP (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=8c3f2e81-c0ea -494a-a47c-4f8982effb49 Microsoft Windows XP Media Center Edition SP3 Microsoft Cumulative Security Update for ActiveX Killbits for Windows XP (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=7bcf3945-0552 -478e-b7f3-bbca97dd1b5d Microsoft Cumulative Security Update for ActiveX Killbits for Windows XP (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=8c3f2e81-c0ea -494a-a47c-4f8982effb49 Microsoft Windows 7 for 32-bit Systems 0 Microsoft Cumulative Security Update for ActiveX Killbits for Windows 7 (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=5bce87fe-dcbb -4638-b248-3f0755537b00 Microsoft Cumulative Security Update for ActiveX Killbits for Windows 7 (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=ec6d996f-dffa -45ad-9467-e96a4ac63e5f Microsoft Windows Server 2003 Web Edition SP2 Microsoft Security Update for ActiveX Killbits for Windows Server 2003 (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=3c0bd349-aa77 -47de-ba1d-1fcc72dcad28 Microsoft Security Update for ActiveX Killbits for Windows Server 2003 (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=29ff72f7-1663 -4f35-a794-2dfe3c17b39c Microsoft Windows XP Professional x64 Edition SP2 Microsoft Cumulative Security Update for ActiveX Killbits for Windows XP x64 Edition (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyId=25ef97e8-e76e -44c2-953c-f94cbac552cf Microsoft Cumulative Security Update for ActiveX Killbits for Windows XP x64 Edition (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyId=f3e462fb-df95 -4b79-a8bc-5359c2967503 Microsoft Windows Vista 0 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Vista (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=2c897ddd-f441 -41d4-b5b4-d794cfc96e6b Microsoft Windows Server 2003 x64 SP2 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Server 2003 x64 Edition (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=d4a97bb7-4f74 -4884-9a6e-7a4df9c540fb Microsoft Cumulative Security Update for ActiveX Killbits for Windows Server 2003 x64 Edition (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=4aa0ec4f-5502 -4f2a-9732-975518c34444 Microsoft Windows Vista x64 Edition SP1 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Vista for x64-based Systems (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=ddf55e74-dbaa -45f7-ac5b-ae3da24e0e33 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Vista for x64-based Systems (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=f349f7aa-d020 -4e0d-a35f-518a63ec92df Microsoft Windows XP Tablet PC Edition SP3 Microsoft Cumulative Security Update for ActiveX Killbits for Windows XP (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=7bcf3945-0552 -478e-b7f3-bbca97dd1b5d Microsoft Cumulative Security Update for ActiveX Killbits for Windows XP (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=8c3f2e81-c0ea -494a-a47c-4f8982effb49 Microsoft Windows Vista SP1 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Vista (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=2ddaa4b3-1a98 -4183-94af-ebdae4e7b76a Microsoft Cumulative Security Update for ActiveX Killbits for Windows Vista (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=2c897ddd-f441 -41d4-b5b4-d794cfc96e6b Microsoft Windows Server 2008 for x64-based Systems 0 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Server 2008 x64 Edition (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=fde218c3-90ab -4664-852d-25ca55835054 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Server 2008 x64 Edition (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=6d0a3f7c-2617 -4bc6-a4c7-cda26c6471e1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Server 2008 for Itanium-based Systems (K http://www.microsoft.com/downloads/details.aspx?FamilyID=38347fa6-5946 -4bb5-9fea-a5b2f4e7c1f2 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Server 2008 for Itanium-based Systems (K http://www.microsoft.com/downloads/details.aspx?FamilyID=5b6e9451-df38 -4626-bb1d-4fc160d7a40e Microsoft Windows 2000 Advanced Server SP4 Microsoft Cumulative Security Update for ActiveX Killbits for Windows 2000 (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=543dc6a7-fa76 -4ba9-81e4-25fdf2013548 Microsoft Cumulative Security Update for ActiveX Killbits for Windows 2000 (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=d3955983-0079 -476e-a488-99713097259c 3DM Software Disk Management Software SP2 Microsoft Security Update for ActiveX Killbits for Windows Server 2003 (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=3c0bd349-aa77 -47de-ba1d-1fcc72dcad28 Microsoft Security Update for ActiveX Killbits for Windows Server 2003 (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=29ff72f7-1663 -4f35-a794-2dfe3c17b39c Microsoft Windows 7 for x64-based Systems 0 Microsoft Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=b3265576-04c1 -48b1-8ce9-128843c58cf5 Microsoft Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=ee68ecd0-5b8a -4c1e-bdee-bd8616558d43 Microsoft Windows Server 2003 Standard Edition SP2 Microsoft Security Update for ActiveX Killbits for Windows Server 2003 (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=3c0bd349-aa77 -47de-ba1d-1fcc72dcad28 Microsoft Security Update for ActiveX Killbits for Windows Server 2003 (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=29ff72f7-1663 -4f35-a794-2dfe3c17b39c Microsoft Windows XP Home SP2 Microsoft Cumulative Security Update for ActiveX Killbits for Windows XP (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=7bcf3945-0552 -478e-b7f3-bbca97dd1b5d Microsoft Cumulative Security Update for ActiveX Killbits for Windows XP (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=8c3f2e81-c0ea -494a-a47c-4f8982effb49 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Server 2008 x64 Edition (KB980195) http://www.microsoft.com/downloads/details.aspx?FamilyID=6d0a3f7c-2617 -4bc6-a4c7-cda26c6471e1 Microsoft Cumulative Security Update for ActiveX Killbits for Windows Server 2008 x64 Edition (KB978262) http://www.microsoft.com/downloads/details.aspx?FamilyID=fde218c3-90ab -4664-852d-25ca55835054
    idSSV:20291
    last seen2017-11-19
    modified2010-12-17
    published2010-12-17
    reporterRoot
    titleMicrosoft Data Analyzer 'max3activex.dll' ActiveX控件远程代码执行漏洞

References