Lucene search

[email protected]CVE-2010-0807

HistoryMar 31, 2010 - 7:30 p.m.

CVE-2010-0807

2010-03-3119:30:00

CWE-94

[email protected]

web.nvd.nist.gov

microsoft

ie7

memory corruption

vulnerability

cve-2010-0807

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.834 High

EPSS

Percentile

98.5%

JSON

Microsoft Internet Explorer 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, leading to memory corruption, aka “HTML Rendering Memory Corruption Vulnerability.”

Affected configurations

NVD

Node

microsoftinternet_explorerMatch7

AND

microsoftwindows_2003_serversp2itanium

microsoftwindows_server_2003sp2

microsoftwindows_xpsp2

microsoftwindows_xpsp3

microsoftwindows_xpMatch-sp2x64

Node

microsoftinternet_explorerMatch7

AND

microsoftwindows_server_2008itanium

microsoftwindows_server_2008x32

microsoftwindows_server_2008x64

microsoftwindows_server_2008sp2x32

microsoftwindows_server_2008Match-sp2itanium

microsoftwindows_server_2008Match-sp2x64

microsoftwindows_vista

microsoftwindows_vistax64

microsoftwindows_vistasp1

microsoftwindows_vistasp2

microsoftwindows_vistaMatch-sp1

microsoftwindows_vistaMatch-sp2

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq7
microsoft:windows_2003_servermicrosoft windows 2003 servereq*
microsoft:windows_server_2003microsoft windows server 2003eq*
microsoft:windows_xpmicrosoft windows xpeq*
microsoft:windows_xpmicrosoft windows xpeq-

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	7
microsoft:windows_2003_server	microsoft windows 2003 server	eq	*
microsoft:windows_server_2003	microsoft windows server 2003	eq	*
microsoft:windows_xp	microsoft windows xp	eq	*
microsoft:windows_xp	microsoft windows xp	eq	-