{"api_version":"1","generated_at":"2026-04-22T12:55:43+00:00","cve":"CVE-2010-2568","urls":{"html":"https://cve.report/CVE-2010-2568","api":"https://cve.report/api/cve/CVE-2010-2568.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2010-2568","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2010-2568"},"summary":{"title":"CVE-2010-2568","description":"Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010, and originally reported for malware that leverages CVE-2010-2772 in Siemens WinCC SCADA systems.","state":"PUBLISHED","assigner":"microsoft","published_at":"2010-07-22 05:43:49","updated_at":"2026-04-22 10:35:13"},"problem_types":["NVD-CWE-noinfo","n/a","CWE-noinfo Not enough information"],"metrics":[{"version":"3.1","source":"ADP","type":"DECLARED","score":"7.8","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"7.8","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"9.3","severity":"","vector":"AV:N/AC:M/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.kb.cert.org/vuls/id/940193","name":"http://www.kb.cert.org/vuls/id/940193","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","US Government Resource"],"title":"US-CERT Vulnerability Note VU#940193","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html","name":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"],"title":"US-CERT Technical Cyber Security Alert TA10-222A -- Microsoft Updates for Multiple Vulnerabilities","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/40647","name":"http://secunia.com/advisories/40647","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"About Secunia Research | Flexera","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.f-secure.com/weblog/archives/00001986.html","name":"http://www.f-secure.com/weblog/archives/00001986.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"],"title":"Espionage Attack Uses LNK Shortcut Files - F-Secure Weblog : News from the Lab","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://isc.sans.edu/diary.html?storyid=9181","name":"http://isc.sans.edu/diary.html?storyid=9181","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking"],"title":"Vulnerability in Windows \"LNK\" files?","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/41732","name":"http://www.securityfocus.com/bid/41732","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Exploit","Third Party Advisory","VDB Entry"],"title":"Microsoft Windows Shortcut 'LNK/PIF' Files Automatic File Execution Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/","name":"http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Press/Media Coverage"],"title":"Experts Warn of New Windows Shortcut Flaw —  Krebs on Security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.microsoft.com/technet/security/advisory/2286198.mspx","name":"http://www.microsoft.com/technet/security/advisory/2286198.mspx","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Patch","Vendor Advisory"],"title":"Your request has been blocked. This could be\r\n                        due to several reasons.","mime":"text/html","httpstatus":"403","archivestatus":"200"},{"url":"http://www.f-secure.com/weblog/archives/new_rootkit_en.pdf","name":"http://www.f-secure.com/weblog/archives/new_rootkit_en.pdf","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"],"title":"","mime":"application/pdf","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-2568","name":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-2568","refsource":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"http://securitytracker.com/id?1024216","name":"http://securitytracker.com/id?1024216","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Microsoft Windows Shell LNK Shortcut Processing Flaw Lets Users Execute Arbitrary Code","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.geoffchappell.com/notes/security/stuxnet/ctrlfldr.htm","name":"https://www.geoffchappell.com/notes/security/stuxnet/ctrlfldr.htm","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"The CPL Icon Loading Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11564","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11564","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046","name":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Microsoft Security Bulletin MS10-046 - Critical | Microsoft Docs","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://isc.sans.edu/diary.html?storyid=9190","name":"http://isc.sans.edu/diary.html?storyid=9190","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"],"title":"Preempting a Major Issue Due to the LNK Vulnerability - Raising Infocon to Yellow","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2010-2568","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2568","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[{"source":"ADP","time":"2022-09-15T00:00:00.000Z","lang":"en","value":"CVE-2010-2568 added to CISA KEV"}],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2010","cve_id":"2568","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_7","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"2568","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_server_2003","cpe6":"-","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"2568","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_server_2008","cpe6":"-","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"2568","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_server_2008","cpe6":"-","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"2568","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_server_2008","cpe6":"r2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"itanium","cpe13":"*"},{"cve_year":"2010","cve_id":"2568","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_server_2008","cpe6":"r2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"x64","cpe13":"*"},{"cve_year":"2010","cve_id":"2568","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_vista","cpe6":"-","cpe7":"sp1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"2568","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_vista","cpe6":"-","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"2568","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_xp","cpe6":"-","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"professional","cpe11":"*","cpe12":"x64","cpe13":"*"},{"cve_year":"2010","cve_id":"2568","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_xp","cpe6":"-","cpe7":"sp3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":{"cve_year":"2010","cve_id":"2568","cve":"CVE-2010-2568","vendorProject":"Microsoft","product":"Windows","vulnerabilityName":"Microsoft Windows Remote Code Execution Vulnerability","dateAdded":"2022-09-15","shortDescription":"Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerability could execute code as the logged-on user.","requiredAction":"Apply updates per vendor instructions.","dueDate":"2022-10-06","knownRansomwareCampaignUse":"Unknown","notes":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046; https://nvd.nist.gov/vuln/detail/CVE-2010-2568","cwes":"CWE-20","catalogVersion":"2026.04.21","updated_at":"2026-04-21 13:32:18"},"epss":{"cve_year":"2010","cve_id":"2568","cve":"CVE-2010-2568","epss":"0.921340000","percentile":"0.997140000","score_date":"2026-04-21","updated_at":"2026-04-22 00:07:39"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T02:39:36.528Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"TA10-222A","tags":["third-party-advisory","x_refsource_CERT","x_transferred"],"url":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://isc.sans.edu/diary.html?storyid=9181"},{"name":"oval:org.mitre.oval:def:11564","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11564"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.f-secure.com/weblog/archives/00001986.html"},{"name":"VU#940193","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/940193"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/"},{"name":"40647","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/40647"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.microsoft.com/technet/security/advisory/2286198.mspx"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://isc.sans.edu/diary.html?storyid=9190"},{"name":"41732","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/41732"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.f-secure.com/weblog/archives/new_rootkit_en.pdf"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.geoffchappell.com/notes/security/stuxnet/ctrlfldr.htm"},{"name":"1024216","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1024216"},{"name":"MS10-046","tags":["vendor-advisory","x_refsource_MS","x_transferred"],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046"}],"title":"CVE Program Container"},{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"}},{"other":{"content":{"id":"CVE-2010-2568","options":[{"Exploitation":"active"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2025-05-01T03:55:13.211673Z","version":"2.0.3"},"type":"ssvc"}},{"other":{"content":{"dateAdded":"2022-09-15","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-2568"},"type":"kev"}}],"problemTypes":[{"descriptions":[{"description":"CWE-noinfo Not enough information","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2025-10-22T00:05:52.095Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"references":[{"tags":["government-resource"],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-2568"}],"timeline":[{"lang":"en","time":"2022-09-15T00:00:00.000Z","value":"CVE-2010-2568 added to CISA KEV"}],"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2010-07-16T00:00:00.000Z","descriptions":[{"lang":"en","value":"Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010, and originally reported for malware that leverages CVE-2010-2772 in Siemens WinCC SCADA systems."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-12T19:57:01.000Z","orgId":"f38d906d-7342-40ea-92c1-6c4a2c6478c8","shortName":"microsoft"},"references":[{"name":"TA10-222A","tags":["third-party-advisory","x_refsource_CERT"],"url":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html"},{"tags":["x_refsource_MISC"],"url":"http://isc.sans.edu/diary.html?storyid=9181"},{"name":"oval:org.mitre.oval:def:11564","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11564"},{"tags":["x_refsource_MISC"],"url":"http://www.f-secure.com/weblog/archives/00001986.html"},{"name":"VU#940193","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/940193"},{"tags":["x_refsource_MISC"],"url":"http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/"},{"name":"40647","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/40647"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.microsoft.com/technet/security/advisory/2286198.mspx"},{"tags":["x_refsource_MISC"],"url":"http://isc.sans.edu/diary.html?storyid=9190"},{"name":"41732","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/41732"},{"tags":["x_refsource_MISC"],"url":"http://www.f-secure.com/weblog/archives/new_rootkit_en.pdf"},{"tags":["x_refsource_MISC"],"url":"https://www.geoffchappell.com/notes/security/stuxnet/ctrlfldr.htm"},{"name":"1024216","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1024216"},{"name":"MS10-046","tags":["vendor-advisory","x_refsource_MS"],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secure@microsoft.com","ID":"CVE-2010-2568","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010, and originally reported for malware that leverages CVE-2010-2772 in Siemens WinCC SCADA systems."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"TA10-222A","refsource":"CERT","url":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html"},{"name":"http://isc.sans.edu/diary.html?storyid=9181","refsource":"MISC","url":"http://isc.sans.edu/diary.html?storyid=9181"},{"name":"oval:org.mitre.oval:def:11564","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11564"},{"name":"http://www.f-secure.com/weblog/archives/00001986.html","refsource":"MISC","url":"http://www.f-secure.com/weblog/archives/00001986.html"},{"name":"VU#940193","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/940193"},{"name":"http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/","refsource":"MISC","url":"http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/"},{"name":"40647","refsource":"SECUNIA","url":"http://secunia.com/advisories/40647"},{"name":"http://www.microsoft.com/technet/security/advisory/2286198.mspx","refsource":"CONFIRM","url":"http://www.microsoft.com/technet/security/advisory/2286198.mspx"},{"name":"http://isc.sans.edu/diary.html?storyid=9190","refsource":"MISC","url":"http://isc.sans.edu/diary.html?storyid=9190"},{"name":"41732","refsource":"BID","url":"http://www.securityfocus.com/bid/41732"},{"name":"http://www.f-secure.com/weblog/archives/new_rootkit_en.pdf","refsource":"MISC","url":"http://www.f-secure.com/weblog/archives/new_rootkit_en.pdf"},{"name":"https://www.geoffchappell.com/notes/security/stuxnet/ctrlfldr.htm","refsource":"MISC","url":"https://www.geoffchappell.com/notes/security/stuxnet/ctrlfldr.htm"},{"name":"1024216","refsource":"SECTRACK","url":"http://securitytracker.com/id?1024216"},{"name":"MS10-046","refsource":"MS","url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046"}]}}}},"cveMetadata":{"assignerOrgId":"f38d906d-7342-40ea-92c1-6c4a2c6478c8","assignerShortName":"microsoft","cveId":"CVE-2010-2568","datePublished":"2010-07-22T10:00:00.000Z","dateReserved":"2010-06-30T00:00:00.000Z","dateUpdated":"2025-10-22T00:05:52.095Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2010-07-22 05:43:49","lastModifiedDate":"2026-04-22 10:35:13","problem_types":["NVD-CWE-noinfo","n/a","CWE-noinfo Not enough information"],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*","matchCriteriaId":"E33796DB-4523-4F04-B564-ADF030553D51"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*","matchCriteriaId":"1D929AA2-EE0B-4AA1-805D-69BCCA11B77F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:*:*:*:*","matchCriteriaId":"C2EE0AD3-2ADC-480E-B03E-06962EC4F095"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*","matchCriteriaId":"5F422A8C-2C4E-42C8-B420-E0728037E15C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*","matchCriteriaId":"B20DD263-5A62-4CB1-BD47-D1F9A6C67E08"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*","matchCriteriaId":"B7674920-AE12-4A25-BE57-34AEDDA74D76"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*","matchCriteriaId":"3A04E39A-623E-45CA-A5FC-25DAA0F275A3"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*","matchCriteriaId":"BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*","matchCriteriaId":"C6109348-BC79-4ED3-8D41-EA546A540C79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*","matchCriteriaId":"C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2010","CveId":"2568","Ordinal":"1","Title":"CVE-2010-2568","CVE":"CVE-2010-2568","Year":"2010"},"notes":[{"CveYear":"2010","CveId":"2568","Ordinal":"1","NoteData":"Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010, and originally reported for malware that leverages CVE-2010-2772 in Siemens WinCC SCADA systems.","Type":"Description","Title":"CVE-2010-2568"},{"CveYear":"2010","CveId":"2568","Ordinal":"2","NoteData":"2010-07-22","Type":"Other","Title":"Published"},{"CveYear":"2010","CveId":"2568","Ordinal":"3","NoteData":"2018-10-12","Type":"Other","Title":"Modified"}]}}}