Vulnerability Details : CVE-2010-3889
Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified by Microsoft researchers and other researchers.
Exploit prediction scoring system (EPSS) score for CVE-2010-3889
Probability of exploitation activity in the next 30 days: 0.05%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 14 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-3889
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2010-3889
-
http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute8.xml
Virus Bulletin :: Last-minute paper: Unravelling Stuxnet
-
http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute7.xml
Virus Bulletin :: Last-minute paper: An indepth look into Stuxnet
-
http://www.securelist.com/en/blog/2291/Myrtus_and_Guava_Episode_MS10_061
Myrtus and Guava, Episode MS10-061 | Securelist
-
http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2010/20100716-(1)
Page not found | BeyondTrust
-
http://www.symantec.com/connect/blogs/stuxnet-using-three-additional-zero-day-vulnerabilities
Stuxnet Using Three Additional Zero-Day Vulnerabilities | Symantec Connect Community
-
http://www.computerworld.com/s/article/9185919/Is_Stuxnet_the_best_malware_ever_
Is Stuxnet the 'best' malware ever? | Computerworld
Products affected by CVE-2010-3889
- cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*