Lucene search

[email protected]CVE-2010-3329

HistoryOct 13, 2010 - 7:00 p.m.

CVE-2010-3329

2010-10-1319:00:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2010-3329

microsoft internet explorer

remote code execution

html vulnerability

nvd

security advisory

7.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.963 High

EPSS

Percentile

99.5%

JSON

mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka “Uninitialized Memory Corruption Vulnerability.”

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq7
microsoft:internet_explorermicrosoft internet explorereq8

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	7
microsoft:internet_explorer	microsoft internet explorer	eq	8

References

support.avaya.com/css/P8/documents/100113324

www.securityfocus.com/bid/43706

www.us-cert.gov/cas/techalerts/TA10-285A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-071

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7482

7.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.963 High

EPSS

Percentile

99.5%

JSON

Related for CVE-2010-3329

packetstorm1 seebug3 checkpoint_advisories2 prion1 exploitpack1 securityvulns3 exploitdb1 openvas2 nessus1