CVE-2010-0806
8.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, aka "Uninitialized Memory Corruption Vulnerability."
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://osvdb.org/62810
- http://www.us-cert.gov/cas/techalerts/TA10-089A.html
- http://www.securityfocus.com/bid/38615
- http://www.vupen.com/english/advisories/2010/0567
- http://secunia.com/advisories/38860
- http://www.us-cert.gov/cas/techalerts/TA10-068A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018
- http://www.microsoft.com/technet/security/advisory/981374.mspx
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56772
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8446
- http://www.vupen.com/english/advisories/2010/0744
- http://blogs.technet.com/msrc/archive/2010/03/09/security-advisory-981374-released.aspx
- http://www.kb.cert.org/vuls/id/744549
CISA ADP Vulnrichment
- SSVC:
- Exploitation: active
- Automatable: no
- Technical Impact: total
Additional References
- https://learn.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0806
References
- http://osvdb.org/62810
- http://www.us-cert.gov/cas/techalerts/TA10-089A.html
- http://www.securityfocus.com/bid/38615
- http://www.vupen.com/english/advisories/2010/0567
- http://secunia.com/advisories/38860
- http://www.us-cert.gov/cas/techalerts/TA10-068A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018
- http://www.microsoft.com/technet/security/advisory/981374.mspx
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56772
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8446
- http://www.vupen.com/english/advisories/2010/0744
- http://blogs.technet.com/msrc/archive/2010/03/09/security-advisory-981374-released.aspx
- http://www.kb.cert.org/vuls/id/744549
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.