CVE-2010-2566
published 2010-08-11CVE-2010-2566: The Secure Channel (aka SChannel) security package in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, does not properly validate certificate…
PriorityP355critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
15.35%
96.4th percentile
The Secure Channel (aka SChannel) security package in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, does not properly validate certificate request messages from TLS and SSL servers, which allows remote servers to execute arbitrary code via a crafted SSL response, aka "SChannel Malformed Certificate Request Remote Code Execution Vulnerability."
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.us-cert.gov/cas/techalerts/TA10-222A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11787http://www.us-cert.gov/cas/techalerts/TA10-222A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11787
2010-08-11
Published