CVSS: 9.3EPSS: 44%CPEs: 27EXPL: 0CVE-2010-0489
https://notcve.org/view.php?id=CVE-2010-0489
Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Race Condition Memory Corruption Vulnerability." Condición de carrera en Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1 y 7 permite a atacantes remotos ejecutar código de su elección mediante un documento HTML manipulado que dispara una corrupción de memoria, también conocido como "Race Condition Memory Corruption Vulnerability." • http://securitytracker.com/id?1023773 http://www.securityfocus.com/bid/39026 http://www.us-cert.gov/cas/techalerts/TA10-068A.html http://www.us-cert.gov/cas/techalerts/TA10-089A.html http://www.vupen.com/english/advisories/2010/0744 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7774 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 10.0EPSS: 97%CPEs: 6EXPL: 2CVE-2010-0805 – Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0805
The Tabular Data Control (TDC) ActiveX control in Microsoft Internet Explorer 5.01 SP4, 6 on Windows XP SP2 and SP3, and 6 SP1 allows remote attackers to execute arbitrary code via a long URL (DataURL parameter) that triggers memory corruption in the CTDCCtl::SecurityCHeckDataURL function, aka "Memory Corruption Vulnerability." El control ActiveX de Tabular Data Control (TDC) en Internet Explorer de Microsoft versiones 5.01 SP4, 6 sobre Windows XP SP2 y SP3, y versión 6 SP1, permite a los atacantes remotos ejecutar código arbitrario por medio de una URL larga (parámetro DataURL) que desencadena corrupción de memoria en la función CTDCCtl::SecurityCHeckDataURL, también se conoce como "Memory Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer 6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the Tabular Data Control ActiveX module. Specifically, if provided a malicious DataURL parameter a stack corruption may occur in the function CTDCCtl::SecurityCHeckDataURL. • https://www.exploit-db.com/exploits/12032 https://www.exploit-db.com/exploits/16567 http://securitytracker.com/id?1023773 http://www.securityfocus.com/archive/1/510507/100/0/threaded http://www.securityfocus.com/bid/39025 http://www.us-cert.gov/cas/techalerts/TA10-068A.html http://www.us-cert.gov/cas/techalerts/TA10-089A.html http://www.vupen.com/english/advisories/2010/0744 http://www.zerodayinitiative.com/advisories/ZDI-10-034 https://docs.microsoft.com/en-us/ • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 93%CPEs: 9EXPL: 0CVE-2010-0491
https://notcve.org/view.php?id=CVE-2010-0491
Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object Memory Corruption Vulnerability." Vulnerabilidad de uso despues de liberación en Microsoft Internet Explorer 5.01 SP4, 6 y 6 SP1, permite a atacantes remotos ejecutar código de su elección cambiando propiedades no especificadas de un objeto HTML que tiene un gestor de evento "onreadystatechange", también conocido como "HTML Object Memory Corruption Vulnerability." • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=864 http://securitytracker.com/id?1023773 http://www.securityfocus.com/bid/39027 http://www.us-cert.gov/cas/techalerts/TA10-068A.html http://www.us-cert.gov/cas/techalerts/TA10-089A.html http://www.vupen.com/english/advisories/2010/0744 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8421 • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 2%CPEs: 26EXPL: 2CVE-2010-1127
https://notcve.org/view.php?id=CVE-2010-1127
Microsoft Internet Explorer 6 and 7 does not initialize certain data structures during execution of the createElement method, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code, as demonstrated by setting the (1) outerHTML or (2) value property of an object returned by createElement. Microsoft Internet Explorer 6 y 7 no inicializan ciertas estructuras durante la ejecución del método createElement, lo que permite a atacantes remotos provocar una denegación de servicio (desreferenciación de puntero nulo y caída de aplicación) a través de código JavaScript, como se demostró fijando el valor de (1) outerHTML o (2) propiedad valor de un objeto devuelto por createElement. • http://archives.neohapsis.com/archives/bugtraq/2010-01/0237.html http://archives.neohapsis.com/archives/bugtraq/2010-01/0278.html http://securityreason.com/exploitalert/7731 •
CVSS: 9.3EPSS: 97%CPEs: 25EXPL: 2CVE-2010-0806 – Microsoft Internet Explorer - 'iepeers.dll' Use-After-Free
https://notcve.org/view.php?id=CVE-2010-0806
Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, aka "Uninitialized Memory Corruption Vulnerability." La vulnerabilidad de Uso de la Memoria Previamente Liberada en el componente Peer Objects (también se conoce como iepeers.dll) en Microsoft Internet Explorer versiones 6, 6 SP1 y 7 permite a los atacantes remotos ejecutar código arbitrario por medio de vectores que implican el acceso a un puntero no válido luego de la eliminación de un objeto, tal y como se explotó "in the wild" en marzo de 2010, también se conoce como "Uninitialized Memory Corruption Vulnerability". • https://www.exploit-db.com/exploits/11683 https://www.exploit-db.com/exploits/16590 http://blogs.technet.com/msrc/archive/2010/03/09/security-advisory-981374-released.aspx http://osvdb.org/62810 http://secunia.com/advisories/38860 http://www.kb.cert.org/vuls/id/744549 http://www.microsoft.com/technet/security/advisory/981374.mspx http://www.securityfocus.com/bid/38615 http://www.us-cert.gov/cas/techalerts/TA10-068A.html http://www.us-cert.gov/cas/techalerts/TA • CWE-399: Resource Management Errors •