cve-2010-3970

About this tag
CVE-2010-3970 is a Windows Shell Graphics Processing Overrun Vulnerability that was addressed by Microsoft in security bulletin MS11-006. The vulnerability could allow remote code execution if a user viewed a specially crafted thumbnail image. Microsoft released security updates to resolve this issue, and workarounds included modifying the Access Control List on shimgvw.dll for Windows XP and Windows Server 2003, or disabling thumbnail viewing in Windows Explorer on Windows Vista and Windows Server 2008. The advisory (2490606) provided guidance until the update was published.
  1. News

    Microsoft Security Advisory (2490606): Vulnerability in Graphics Rendering Engine Could Allow Remote

    Revision Note: V2.0 (February 8, 2011): Advisory updated to reflect publication of security bulletin. Summary: Microsoft has completed the investigation into public reports of this vulnerability. We have issued MS11-006 to address this issue. For more information about this issue...
  2. News

    Microsoft Security Advisory (2490606): Vulnerability in Graphics Rendering Engine Could Allow Remote

    Revision Note: V2.0 (February 8, 2011): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into public reports of this vulnerability. We have issued MS11-006 to address this issue. For more information about this issue...
  3. News

    Microsoft Security Advisory (2490606): Vulnerability in Graphics Rendering Engine Could Allow Remote

    Revision Note: V1.2 (January 19, 2011): Clarified that the Modify the Access Control List (ACL) on shimgvw.dll workaround only applies to Windows XP and Windows Server 2003 systems and added a new workaround, Disable viewing of thumbnails in Windows Explorer on Windows Vista and Windows Server...
Back
Top