9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%
Name | ie_peers_setattribute |
---|---|
CVE | CVE-2010-0806 Exploit Pack |
VENDOR: Microsoft | |
Notes: | |
This is the ie_peers exploit for IE 6/7, first discovered in the wild in March, 2010. | |
It will work on both DEP and non-DEP machines and should be reliable on XP SP2-3. |
It is fixed by: KB980182
Obviously, beating DEP the way we do here requires language-pack dependant
addresses.
VersionsAffected: XP, IE 7, IE 6
Repeatability: Infinite
References: [βhttp://www.microsoft.com/technet/security/advisory/981374.mspxβ, βhttp://www.microsoft.com/technet/security/bulletin/ms10-018.mspxβ]
Date public: 03/09/2010
MSADV: MS10-018