9.3
CVE-2010-3343
- EPSS 58.39%
- Published 16.12.2010 19:33:02
- Last modified 11.04.2025 00:51:21
- Source secure@microsoft.com
- Teams watchlist Login
- Open Login
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."
Data is provided by the National Vulnerability Database (NVD)
Microsoft ≫ Internet Explorer Version6
Microsoft ≫ Windows Server 2003 Version- Updatesp2
Microsoft ≫ Windows Xp Version- Updatesp2 SwEditionprofessional HwPlatformx64
Microsoft ≫ Windows Xp Version- Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp2 SwEditionprofessional HwPlatformx64
Microsoft ≫ Windows Xp Version- Updatesp3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 58.39% | 0.982 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-908 Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.