CVE-2010-0818
published 2010-09-15CVE-2010-0818: The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not…
PriorityP355critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
13.94%
96.1th percentile
The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly handle crafted media content with MPEG-4 video encoding, which allows remote attackers to execute arbitrary code via a file in an unspecified "supported format," aka "MPEG-4 Codec Vulnerability."
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
GPL EXPLOIT NTLM ASN.1 vulnerability scan attempt
suricata·2010-09-23
CVE-2003-0818 GPL EXPLOIT NTLM ASN.1 vulnerability scan attempt
GPL EXPLOIT NTLM ASN.1 vulnerability scan attempt
Rule: alert http1 $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT NTLM ASN.1 vulnerability scan attempt"; flow:established,to_server; http.header; content:"Authorization|3A| Negotiate YIQAAABiBoMAAAYrBgEFBQKgggBTMIFQoA4wDAYKKwYBBAGCNwICCqM"; reference:bugtraq,9633; reference:bugtraq,9635; reference:cve,2003-0818; reference:nessus,12052; reference:nessus,12055; reference:nessus,12065; reference:url,www.microsoft.com/technet/security/bulletin/MS04-007.mspx; classtype:attempted-dos; sid:2102386; rev:14; metadata:created_at 2010_09_23, cve CVE_2003_0818, signature_severity Major, updated_at 2024_04_03;)
Suricata
GPL NETBIOS SMB-DS DCERPC NTLMSSP invalid mechlistMIC attempt
suricata·2010-09-23
CVE-2003-0818 GPL NETBIOS SMB-DS DCERPC NTLMSSP invalid mechlistMIC attempt
GPL NETBIOS SMB-DS DCERPC NTLMSSP invalid mechlistMIC attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 445 (msg:"GPL NETBIOS SMB-DS DCERPC NTLMSSP invalid mechlistMIC attempt"; flow:established,to_server; content:"|FF|SMBs"; depth:5; offset:4; nocase; content:"`"; depth:1; offset:63; content:"|00 00 00|b|06 83 00 00 06|+|06 01 05 05 02|"; within:15; distance:1; content:"|06 0A|+|06 01 04 01 82|7|02 02 0A|"; distance:0; content:"|A3|>0<|A0|0"; distance:0; reference:bugtraq,9633; reference:bugtraq,9635; reference:cve,2003-0818; reference:nessus,12052; reference:nessus,12054; reference:nessus,12065; classtype:attempted-dos; sid:2102385; rev:13; metadata:created_at 2010_09_23, cve CVE_2003_0818, confidence Medium, signature_severity Informational, updated_at 2024_03_08;)
Suricata
GPL NETBIOS SMB-DS Session Setup NTMLSSP asn1 overflow attempt
suricata·2010-09-23
CVE-2003-0818 GPL NETBIOS SMB-DS Session Setup NTMLSSP asn1 overflow attempt
GPL NETBIOS SMB-DS Session Setup NTMLSSP asn1 overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 445 (msg:"GPL NETBIOS SMB-DS Session Setup NTMLSSP asn1 overflow attempt"; flow:established,to_server; content:"|00|"; depth:1; content:"|FF|SMBs"; within:5; distance:3; byte_test:1,!&,128,6,relative; byte_test:4,&,2147483648,48,relative,little; content:!"NTLMSSP"; within:7; distance:54; asn1:double_overflow, bitstring_overflow, relative_offset 54, oversize_length 2048; reference:bugtraq,9633; reference:bugtraq,9635; reference:cve,2003-0818; reference:nessus,12052; reference:nessus,12065; reference:url,www.microsoft.com/technet/security/bulletin/MS04-007.mspx; classtype:protocol-command-decode; sid:2102383; rev:21; metadata:created_at 2010_09_23, cve CVE_2003_0818, confidence Medi
Suricata
GPL NETBIOS SMB NTLMSSP invalid mechlistMIC attempt
suricata·2010-09-23
CVE-2003-0818 GPL NETBIOS SMB NTLMSSP invalid mechlistMIC attempt
GPL NETBIOS SMB NTLMSSP invalid mechlistMIC attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"GPL NETBIOS SMB NTLMSSP invalid mechlistMIC attempt"; flow:established,to_server; content:"|FF|SMBs"; depth:5; offset:4; nocase; content:"`"; depth:1; offset:63; content:"|00 00 00|b|06 83 00 00 06|+|06 01 05 05 02|"; within:15; distance:1; content:"|06 0A|+|06 01 04 01 82|7|02 02 0A|"; distance:0; content:"|A3|>0<|A0|0"; distance:0; reference:bugtraq,9633; reference:bugtraq,9635; reference:cve,2003-0818; reference:nessus,12052; reference:nessus,12054; reference:nessus,12065; classtype:attempted-dos; sid:2102384; rev:12; metadata:created_at 2010_09_23, cve CVE_2003_0818, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL NETBIOS SMB-DS Session Setup NTMLSSP unicode asn1 overflow attempt
suricata·2010-09-23
CVE-2003-0818 GPL NETBIOS SMB-DS Session Setup NTMLSSP unicode asn1 overflow attempt
GPL NETBIOS SMB-DS Session Setup NTMLSSP unicode asn1 overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 445 (msg:"GPL NETBIOS SMB-DS Session Setup NTMLSSP unicode asn1 overflow attempt"; flow:established,to_server; content:"|00|"; depth:1; content:"|FF|SMBs"; within:5; distance:3; byte_test:1,&,128,6,relative; byte_test:4,&,2147483648,48,relative,little; content:!"NTLMSSP"; within:7; distance:54; asn1:double_overflow, bitstring_overflow, relative_offset 54, oversize_length 2048; reference:bugtraq,9633; reference:bugtraq,9635; reference:cve,2003-0818; reference:nessus,12052; reference:nessus,12065; reference:url,www.microsoft.com/technet/security/bulletin/MS04-007.mspx; classtype:protocol-command-decode; sid:2103003; rev:7; metadata:created_at 2010_09_23, cve CVE_2003_0818, c
Zscaler
Zscaler Provides Protection for 3 New Microsoft Vulnerabilities | Zscaler
blogs_zscaler·CVSS 9.3
[CRITICAL] Zscaler Provides Protection for 3 New Microsoft Vulnerabilities | Zscaler
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
Bugzilla
CVE-2010-2793 spice activex/spicec named pipe races
bugzilla·2010-08-02·CVSS 6.8
CVE-2010-2793 [MEDIUM] CVE-2010-2793 spice activex/spicec named pipe races
CVE-2010-2793 spice activex/spicec named pipe races
There is a race in spice-activex when a local attacker is able to create a named pipe with the expected name that is used for parameter passing (password, cert file) between spice-activex and spice client.
Also ImpersonateNamedPipeClient() function that allows server to impersonate security context of connected user could be used to gain privileges of the spice user.
Discussion:
This issue has been addressed in following products:
Red Hat Enterprise Virtualization Manager
Via RHSA-2010:0818 https://rhn.redhat.com/errata/RHSA-2010-0818.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-062https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7318https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-062https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7318
2010-09-15
Published