CVE-2010-0247

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2010-0247
Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

9.3 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002
https://exchange.xforce.ibmcloud.com/vulnerabilities/55777
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8506
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2462.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2479.0006:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2600.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2800.1106:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2900.2180:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3663.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3718.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.1830:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.3959:*:*:*:*:*:*:*
OR cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
History

23 Jul 2021, 15:06

Type Values Removed Values Added
CPE cpe:2.3:a:microsoft:ie:6.00.2479.0006:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.0.2800.1106:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.00.3718.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.0.2900.2180:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:5.01:sp4:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.0.2800:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.00.3663.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.0.2600:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.00.2800.1106:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.00.3790.1830:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.00.3790.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.00.2600.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.00.2900.2180:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.0.2900:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.00.3790.3959:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.00.2462.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.0:*:*:*:*:*:*:*		 cpe:2.3:a:microsoft:internet_explorer:6.00.2900.2180:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2479.0006:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.1830:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2800.1106:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2462.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.3959:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2600.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3663.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3718.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
Information

Published : 2010-01-22 22:00

Updated : 2023-12-10 11:03

NVD link : CVE-2010-0247

Mitre link : CVE-2010-0247

CVE.ORG link : CVE-2010-0247

JSON object : View

Products Affected

microsoft

  • windows_2000
  • internet_explorer
  • windows_server_2003
  • windows_xp
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')