CVE-2010-0247

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2010-0247
Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

9.3 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/55777
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8506
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3718.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2462.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2479.0006:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.1830:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.3959:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2600.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2800.1106:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2900.2180:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3663.0000:*:*:*:*:*:*:*
OR cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
Information

Published : 2010-01-22 14:00

Updated : 2021-07-23 08:06

NVD link : CVE-2010-0247

Mitre link : CVE-2010-0247

JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa
Products Affected

microsoft

  • windows_server_2003
  • windows_xp
  • internet_explorer
  • windows_2000