[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-0492Date: (C)2010-03-31   (M)2023-12-22


Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1023773
http://www.securityfocus.com/archive/1/510506/100/0/threaded
BID-39030
ADV-2010-0744
MS10-018
TA10-068A
TA10-089A
http://www.zerodayinitiative.com/advisories/ZDI-10-033
oval:org.mitre.oval:def:7722

CWE    1
CWE-94
OVAL    2
oval:org.secpod.oval:def:2032
oval:org.mitre.oval:def:7722

© SecPod Technologies