Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-0255
HistoryFeb 04, 2010 - 8:15 p.m.

CVE-2010-0255

2010-02-0420:15:00
CWE-264
[email protected]
web.nvd.nist.gov
55
cve-2010-0255
microsoft
internet explorer
javascript
exploit
security vulnerability

6.2 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.947 High

EPSS

Percentile

99.2%

JSON

Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScript exploit code that constructs a reference to a file://127.0.0.1 URL, aka the dynamic OBJECT tag vulnerability, as demonstrated by obtaining the data from an index.dat file, a variant of CVE-2009-1140 and related to CVE-2008-1448.

Related

prion 4
checkpoint_advisories 3
canvas 1
openvas 9
packetstorm 2
seebug 4
securityvulns 10
coresecurity 3
cve 3
nessus 3
symantec 1
mskb 1
prion
prion
Design/Logic Flaw
2010-02-04 20:15:00
Design/Logic Flaw
2010-02-04 20:15:00
Information disclosure
2008-08-13 00:41:00
checkpoint_advisories
checkpoint_advisories
Internet Explorer Response Redirect Information Disclosure (CVE-2010-0255)
2010-02-09 00:00:00
Microsoft Windows MHTML URL Parsing Information Disclosure (MS08-048; CVE-2008-1448)
2008-08-12 00:00:00
Internet Explorer History Index Script Injection (MS09-019; CVE-2009-1140)
2009-06-09 00:00:00
canvas
canvas
Immunity Canvas: IE_DUMPFILES
2010-02-04 20:15:00
openvas
openvas
Microsoft Internet Explorer Information Disclosure Vulnerability (980088)
2010-02-08 00:00:00
Microsoft Internet Explorer Information Disclosure Vulnerability (980088)
2010-02-08 00:00:00
Security Update for Outlook Express (951066)
2008-08-19 00:00:00
packetstorm
packetstorm
Core Security Technologies Advisory 2009.0625
2010-02-04 00:00:00
Core Security Technologies Advisory 2008.0826
2009-06-10 00:00:00
seebug
seebug
Microsoft IE动态OBJECT标签信息泄露漏洞
2010-02-04 00:00:00
Microsoft IE URLMON嗅探跨域信息泄露漏洞
2010-02-05 00:00:00
Microsoft IE MHTML协议处理器跨域信息泄露漏洞(MS08-048)
2008-08-15 00:00:00
securityvulns
securityvulns
CORE-2009-0625: Internet Explorer Dynamic OBJECT tag and URLMON sniffing vulnerabilities
2010-02-04 00:00:00
Microsoft Internet Explorer information leak
2010-02-04 00:00:00
Microsoft Security Bulletin MS08-048 - Important Security Update for Outlook Express and Windows Mail (951066)
2008-08-12 00:00:00
coresecurity
coresecurity
Internet Explorer Dynamic OBJECT tag and URLMON sniffing vulnerabilities
2010-02-03 00:00:00
Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass
2008-08-13 00:00:00
Internet Explorer Security Zone restrictions bypass
2009-06-09 00:00:00
cve
cve
CVE-2010-0555
2010-02-04 20:15:00
CVE-2008-1448
2008-08-13 00:41:00
CVE-2009-1140
2009-06-10 18:30:00
nessus
nessus
MS08-048: Security Update for Outlook Express and Windows Mail (951066)
2008-08-13 00:00:00
MS10-035: Cumulative Security Update for Internet Explorer (982381)
2010-06-09 00:00:00
MS09-019: Cumulative Security Update for Internet Explorer (969897)
2009-06-10 00:00:00
symantec
symantec
Microsoft Internet Explorer Cached Content Cross Domain Information Disclosure Vulnerability
2009-06-09 00:00:00
mskb
mskb
MS10-035: Cumulative security update for Internet Explorer
2014-06-21 13:52:45

6.2 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.947 High

EPSS

Percentile

99.2%

JSON
Related for CVE-2010-0255
prion4checkpoint_advisories3canvas1openvas9packetstorm2seebug4securityvulns10coresecurity3cve3nessus3symantec1mskb1