Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-3499


Vulnerability Score 6.4 6.4
CVE Id CVE-2010-3499
Last Modified 22 Aug 2012 12:00:00
Published 22 Aug 2012 06:42:04
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



F-Secure Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution. NOTE: the researcher indicates that a vendor response was received, stating that "the inability to catch these files are caused by lacking functionality rather than programming errors."

Vulnerable Systems


  • F-secure Anti-virus -


BUGTRAQ - 20101018 Antivirus detection after malware execution


Last Updated: 27 May 2016 10:51:42