[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

247085

 
 

909

 
 

194218

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-0806Date: (C)2010-03-10   (M)2023-12-22


Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, aka "Uninitialized Memory Corruption Vulnerability."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-38615
SECUNIA-38860
OSVDB-62810
ADV-2010-0567
ADV-2010-0744
MS10-018
TA10-068A
TA10-089A
VU#744549
http://blogs.technet.com/msrc/archive/2010/03/09/security-advisory-981374-released.aspx
http://www.microsoft.com/technet/security/advisory/981374.mspx
ms-ie-useafterfree-code-execution(56772)
oval:org.mitre.oval:def:8446

CWE    1
CWE-399
OVAL    2
oval:org.mitre.oval:def:8446
oval:org.secpod.oval:def:2032

© SecPod Technologies