9.3
CVE-2010-0491
- EPSS 29.28%
- Veröffentlicht 31.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:16
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object Memory Corruption Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Internet Explorer Version6
Microsoft ≫ Windows 2003 Server Updatesp2 Editionitanium
Microsoft ≫ Windows Server 2003 Updatesp2
Microsoft ≫ Windows Xp Updatesp2
Microsoft ≫ Windows Xp Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64
Microsoft ≫ Internet Explorer Version5.01 Updatesp4
Microsoft ≫ Internet Explorer Version6 Updatesp1
Microsoft ≫ Windows 2000 Updatesp4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 29.28% | 0.979 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://www.us-cert.gov/cas/techalerts/TA10-068A.html
http://www.us-cert.gov/cas/techalerts/TA10-089A.html
http://www.vupen.com/english/advisories/2010/0744
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018
http://securitytracker.com/id?1023773
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=864
http://www.securityfocus.com/bid/39027
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8421