CVSS: 9.3EPSS: 93%CPEs: 39EXPL: 0CVE-2010-3331
https://notcve.org/view.php?id=CVE-2010-3331
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." Microsoft Internet Explorer 6 hasta 8 no maneja adecuadamente objetos en memoria en ciertas circunstancias involucrando el uso de Microsoft Word para leer documentos Word, permite a atacantes remotos ejecutar códido de su elección accediendo a un objeto que (1) no fue correctamente inicializado o (2) es borrado, provocando una corrupción de memoria, también conocido como "Vulnerabilidad de corrupción de memoria no inicializada". • http://support.avaya.com/css/P8/documents/100113324 http://www.us-cert.gov/cas/techalerts/TA10-285A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-071 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6832 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.2EPSS: 44%CPEs: 4EXPL: 0CVE-2010-2741
https://notcve.org/view.php?id=CVE-2010-2741
The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 performs an incorrect integer calculation during font processing, which allows local users to gain privileges via a crafted application, aka "OpenType Font Validation Vulnerability." El driver de formato OpenType Font (OTF) en Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 realiza un cálculo incorrecto de entero durante el procesamiento de la fuente, lo cual permite a los usuarios locales escalar privilegios a través de aplicaciones manipuladas, también conocido como "OpenType Font Validation Vulnerability". • http://support.avaya.com/css/P8/documents/100113218 http://www.us-cert.gov/cas/techalerts/TA10-285A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-078 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6742 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 91%CPEs: 17EXPL: 0CVE-2010-1883 – Microsoft Internet Explorer EOT File hdmx Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1883
Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted table in an embedded font, aka "Embedded OpenType Font Integer Overflow Vulnerability." Desbordamiento de entero en el Embedded OpenType (EOT) Font Engine en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, SP2, y R2, y Windows 7 permite a los atacantes remotos ejecutar códio a su elección a través de una tabla manipulada en una fuente embebida, también conocido como "Embedded OpenType Font Integer Overflow Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of an Embedded OpenType file to TrueType format within t2embed.dll. The most likely vector for this to be exploited is via Internet Explorer as an embedded font in an HTML/CSS document. • http://www.us-cert.gov/cas/techalerts/TA10-285A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6881 • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 91%CPEs: 26EXPL: 0CVE-2010-3328 – Microsoft Internet Explorer Stylesheet PrivateFind Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3328
Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitialized Memory Corruption Vulnerability." Vulnerabilidad de Uso de la Memoria Previamente Liberada en la función CAttrArray::PrivateFind en la biblioteca mshtml.dll en Microsoft Internet Explorer versión 6 hasta la versión 8 permite a los atacantes remotos ejecutar código arbitrario mediante el establecimiento de una propiedad no especificada de un objeto StyleSheet, también se conoce como "Uninitialized Memory Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the function CAttrArray::PrivateFind as defined in mshtml.dll. If a specific property of a stylesheet object is set, the code within mshtml can be forced to free an object which is subsequently accessed later. • http://support.avaya.com/css/P8/documents/100113324 http://www.securityfocus.com/bid/43705 http://www.us-cert.gov/cas/techalerts/TA10-285A.html http://www.zerodayinitiative.com/advisories/ZDI-10-197 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-071 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7059 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 29%CPEs: 9EXPL: 0CVE-2010-0818
https://notcve.org/view.php?id=CVE-2010-0818
The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly handle crafted media content with MPEG-4 video encoding, which allows remote attackers to execute arbitrary code via a file in an unspecified "supported format," aka "MPEG-4 Codec Vulnerability." El códec MPEG-4 en los códecs de Windows Media en Microsoft Windows XP SP2 y SP3, Server 2003 SP2, Vista SP1 y SP2, y Server 2008 Gold y SP2 no maneja adecuadamente contenido multimedia codificado con video MPEG-4 manipulado, lo cual permite a los atacantes remotos ejecutar código a su elección a través de ficheros con un formato soportado no especificado, también conocido como "MPEG-4 Codec Vulnerability". • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7318 • CWE-94: Improper Control of Generation of Code ('Code Injection') •