CVE-2010-3973

Name of the Vulnerable Software and Affected Versions Microsoft WMI Administrative Tools version 1.1 and earlier

Description A remote code execution issue exists in one of the Microsoft WMITools ActiveX controls, potentially allowing an attacker to execute arbitrary code via a crafted argument to the AddContextRef method. This could be related to an untrusted pointer dereference. An attacker could exploit this issue by constructing a specially crafted Web page. When a user views the Web page, the issue could allow remote code execution, potentially giving the attacker the same user rights as the logged-on user.

Recommendations For Microsoft WMI Administrative Tools version 1.1 and earlier, consider disabling the AddContextRef method in the WBEMSingleView.ocx ActiveX control as a temporary workaround until a patch is available. Restrict access to the WBEMSingleView.ocx control to minimize the risk of exploitation.