9.3

CVE-2010-0249

Exploit

Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object, related to incorrectly initialized memory and improper handling of objects in memory, as exploited in the wild in December 2009 and January 2010 during Operation Aurora, aka "HTML Object Memory Corruption Vulnerability."

Data is provided by the National Vulnerability Database (NVD)
MicrosoftInternet Explorer Version5.0.1 Updatesp4
   MicrosoftWindows 2000 Version- Updatesp4
MicrosoftInternet Explorer Version6 Updatesp1
   MicrosoftWindows 2000 Version- Updatesp4
MicrosoftInternet Explorer Version6 Update-
   MicrosoftWindows Server 2003 Version- Updatesp2 HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 HwPlatformx64
   MicrosoftWindows Xp Version- Updatesp2
   MicrosoftWindows Xp Version- Updatesp2 SwEditionprofessional HwPlatformx64
   MicrosoftWindows Xp Version- Updatesp3
MicrosoftInternet Explorer Version7.0
   MicrosoftWindows Server 2003 Version- Updatesp2 HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 HwPlatformx64
   MicrosoftWindows Server 2008 Version-
   MicrosoftWindows Server 2008 Version- Updatesp2
   MicrosoftWindows Vista Version- SwEdition- HwPlatformx64
   MicrosoftWindows Vista Version- Updatesp1 SwEdition- HwPlatformx64
   MicrosoftWindows Vista Version- Updatesp2 SwEdition- HwPlatformx64
   MicrosoftWindows Xp Version- Updatesp2
   MicrosoftWindows Xp Version- Updatesp2 SwEditionprofessional HwPlatformx64
   MicrosoftWindows Xp Version- Updatesp3
MicrosoftInternet Explorer Version8
   MicrosoftWindows 7 Version-
   MicrosoftWindows Server 2003 Version- Updatesp2 HwPlatformx64
   MicrosoftWindows Server 2008 Version-
   MicrosoftWindows Server 2008 Version- Updatesp2
   MicrosoftWindows Server 2008 Versionr2 HwPlatformitanium
   MicrosoftWindows Server 2008 Versionr2 HwPlatformx64
   MicrosoftWindows Vista Version- SwEdition- HwPlatformx64
   MicrosoftWindows Vista Version- Updatesp1 SwEdition- HwPlatformx64
   MicrosoftWindows Vista Version- Updatesp2 SwEdition- HwPlatformx64
   MicrosoftWindows Xp Version- Updatesp2
   MicrosoftWindows Xp Version- Updatesp2 SwEditionprofessional HwPlatformx64
   MicrosoftWindows Xp Version- Updatesp3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 91.39% 0.997
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

http://securitytracker.com/id?1023462
Third Party Advisory
Broken Link
VDB Entry
http://www.exploit-db.com/exploits/11167
Third Party Advisory
Exploit
VDB Entry
http://www.kb.cert.org/vuls/id/492515
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/37815
Third Party Advisory
Exploit
Broken Link
VDB Entry
http://www.us-cert.gov/cas/techalerts/TA10-055A.html
Third Party Advisory
US Government Resource
Broken Link