CVE-2010-0487
- EPSS 24.22%
- Veröffentlicht 14.04.2010 16:00:01
- Zuletzt bearbeitet 16.06.2026 23:16:16
The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Se...
- EPSS 10.75%
- Veröffentlicht 14.04.2010 16:00:00
- Zuletzt bearbeitet 16.06.2026 23:15:15
The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2003 SP2, does not properly parse MX records, which allows remote DNS servers to cause a denial of service (serv...
- EPSS 21.49%
- Veröffentlicht 14.04.2010 16:00:00
- Zuletzt bearbeitet 16.06.2026 23:15:15
The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2000 SP3, does not properly allocate memory for SMTP command replies, which allows remote attackers to read frag...
CVE-2010-0267
- EPSS 34.41%
- Veröffentlicht 31.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:15:49
Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corrupti...
CVE-2010-0488
- EPSS 29.23%
- Veröffentlicht 31.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:16
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka "Post Encoding ...
CVE-2010-0489
- EPSS 23.73%
- Veröffentlicht 31.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:16
Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Race Condition Memory Corruption Vulnerability."
CVE-2010-0491
- EPSS 29.28%
- Veröffentlicht 31.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:16
Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object M...
CVE-2010-0494
- EPSS 22.89%
- Veröffentlicht 31.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:17
Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the cl...
CVE-2010-0805
- EPSS 80.6%
- Veröffentlicht 31.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:52
The Tabular Data Control (TDC) ActiveX control in Microsoft Internet Explorer 5.01 SP4, 6 on Windows XP SP2 and SP3, and 6 SP1 allows remote attackers to execute arbitrary code via a long URL (DataURL parameter) that triggers memory corruption in the...
CVE-2010-0483
- EPSS 86.37%
- Veröffentlicht 03.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:15
vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (...