[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-3971Date: (C)2010-12-22   (M)2023-12-22


Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a self-referential @import rule in a stylesheet, aka "CSS Memory Corruption Vulnerability."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1024922
EXPLOIT-DB-15708
EXPLOIT-DB-15746
http://seclists.org/fulldisclosure/2010/Dec/110
SECUNIA-42510
BID-45246
ADV-2010-3156
ADV-2011-0318
MS11-003
VU#634956
http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx
http://support.avaya.com/css/P8/documents/100127294
http://www.breakingpointsystems.com/community/blog/ie-vulnerability/
http://www.microsoft.com/technet/security/advisory/2488013.mspx
http://www.wooyun.org/bugs/wooyun-2010-0885
oval:org.mitre.oval:def:12382

CPE    2
cpe:/a:microsoft:internet_explorer:7
cpe:/a:microsoft:internet_explorer:8
CWE    1
CWE-399
OVAL    2
oval:org.secpod.oval:def:78
oval:org.secpod.oval:def:1049

© SecPod Technologies