CVE-2010-0491
 
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object Memory Corruption Vulnerability."
Vulnerabilidad de uso despues de liberación en Microsoft Internet Explorer 5.01 SP4, 6 y 6 SP1, permite a atacantes remotos ejecutar código de su elección cambiando propiedades no especificadas de un objeto HTML que tiene un gestor de evento "onreadystatechange", también conocido como "HTML Object Memory Corruption Vulnerability."
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-02-02 CVE Reserved
- 2010-03-31 CVE Published
- 2024-08-07 CVE Updated
- 2024-11-08 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (8)
URL | Tag | Source |
---|---|---|
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=864 | Third Party Advisory | |
http://securitytracker.com/id?1023773 | Vdb Entry | |
http://www.us-cert.gov/cas/techalerts/TA10-068A.html | Third Party Advisory | |
http://www.us-cert.gov/cas/techalerts/TA10-089A.html | Third Party Advisory | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8421 | Signature |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.securityfocus.com/bid/39027 | 2021-07-23 | |
http://www.vupen.com/english/advisories/2010/0744 | 2021-07-23 |
URL | Date | SRC |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018 | 2021-07-23 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 6 Search vendor "Microsoft" for product "Internet Explorer" and version "6" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | * | sp2, itanium |
Affected
|
Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 6 Search vendor "Microsoft" for product "Internet Explorer" and version "6" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003" | * | sp2 |
Affected
|
Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 6 Search vendor "Microsoft" for product "Internet Explorer" and version "6" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp2 |
Affected
|
Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 6 Search vendor "Microsoft" for product "Internet Explorer" and version "6" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp3 |
Affected
|
Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 6 Search vendor "Microsoft" for product "Internet Explorer" and version "6" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | - | sp2, x64 |
Affected
|
Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 5.01 Search vendor "Microsoft" for product "Internet Explorer" and version "5.01" | sp4 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | sp4 |
Affected
|
Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 6 Search vendor "Microsoft" for product "Internet Explorer" and version "6" | sp1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | sp4 |
Affected
|