Lucene search

[email protected]CVE-2010-2559

HistoryAug 11, 2010 - 6:47 p.m.

CVE-2010-2559

2010-08-1118:47:00

CWE-908

[email protected]

web.nvd.nist.gov

cve-2010-2559

microsoft

internet explorer 8

memory corruption

remote code execution

nvd

vulnerability

7.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.964 High

EPSS

Percentile

99.6%

JSON

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka “Uninitialized Memory Corruption Vulnerability,” a different vulnerability than CVE-2009-3671, CVE-2009-3674, CVE-2010-0245, and CVE-2010-0246.

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq8

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	8

References

www.us-cert.gov/cas/techalerts/TA10-222A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11984

7.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.964 High

EPSS

Percentile

99.6%

JSON

Related for CVE-2010-2559

prion5 cve4 checkpoint_advisories5 symantec2 securityvulns10 nessus3 seebug4 zdi4 openvas6 mskb1