Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2010 Greenbone AGOPENVAS:1361412562310800429
HistoryJan 20, 2010 - 12:00 a.m.

Microsoft Internet Explorer RCE Vulnerability (979352)

2010-01-2000:00:00
Copyright (C) 2010 Greenbone AG
plugins.openvas.org
17

8.9 High

AI Score

Confidence

High

0.967 High

EPSS

Percentile

99.6%

JSON

Internet Explorer is prone to a remote code execution (RCE) vulnerability.

This VT has been replaced by OID:1.3.6.1.4.1.25623.1.0.901097.

# SPDX-FileCopyrightText: 2010 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.800429");
  script_version("2024-02-16T05:06:55+0000");
  script_tag(name:"deprecated", value:TRUE);
  script_tag(name:"last_modification", value:"2024-02-16 05:06:55 +0000 (Fri, 16 Feb 2024)");
  script_tag(name:"creation_date", value:"2010-01-20 08:21:11 +0100 (Wed, 20 Jan 2010)");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2024-02-15 21:06:48 +0000 (Thu, 15 Feb 2024)");
  script_cve_id("CVE-2010-0249");
  script_name("Microsoft Internet Explorer RCE Vulnerability (979352)");

  script_xref(name:"URL", value:"http://support.microsoft.com/kb/979352");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/37815");
  script_xref(name:"URL", value:"http://www.microsoft.com/technet/security/advisory/979352.mspx");

  script_category(ACT_GATHER_INFO);
  script_tag(name:"qod_type", value:"executable_version");
  script_copyright("Copyright (C) 2010 Greenbone AG");
  script_family("Windows");

  script_tag(name:"impact", value:"Successful exploitation will allow remote attackers to execute arbitrary code
  via specially crafted attack.");

  script_tag(name:"affected", value:"Internet Explorer Version 6.x, 7.x and 8.x.");

  script_tag(name:"insight", value:"An invalid pointer reference error exists under certain conditions letting an
  invalid pointer to be accessed after an object is deleted.");

  script_tag(name:"summary", value:"Internet Explorer is prone to a remote code execution (RCE) vulnerability.

  This VT has been replaced by OID:1.3.6.1.4.1.25623.1.0.901097.");

  script_tag(name:"solution", value:"Apply the patch from the referenced advisory.");

  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

exit(66); ## This VT is deprecated as addressed in secpod_ms10-002.nasl

Related

checkpoint_advisories 4
symantec 1
exploitpack 1
canvas 1
packetstorm 4
saint 4
prion 1
securityvulns 3
cert 1
cve 1
seebug 1
cvelist 1
openvas 3
exploitdb 1
threatpost 1
mskb 1
nessus 1
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer HTML Object Memory Corruption Vulnerability Use After Free - Ver2 (CVE-2010-0249)
2014-04-16 00:00:00
Trojan: Aurora.Hydraq (CVE-2010-0249)
2010-01-27 00:00:00
Internet Explorer Invalid Pointer Reference Memory Corruption (CVE-2010-0249)
2010-01-17 00:00:00
symantec
symantec
Internet Explorer CVE-2010-0249 'srcElement()' Remote Code Execution Vulnerability
2010-01-14 00:00:00
exploitpack
exploitpack
Microsoft Internet Explorer 6 - Aurora Memory Corruption (MS10-002)
2010-01-17 00:00:00
canvas
canvas
Immunity Canvas: AURORA_FLASH
2010-01-15 17:30:00
packetstorm
packetstorm
Internet Explorer Aurora Exploit
2010-01-17 00:00:00
Internet Explorer 6 Web Server Exploit
2010-01-20 00:00:00
Internet Explorer "Aurora" Memory Corruption
2010-03-11 00:00:00
saint
saint
Internet Explorer Eventparam use-after-free vulnerability
2010-01-20 00:00:00
Internet Explorer Eventparam use-after-free vulnerability
2010-01-20 00:00:00
Internet Explorer Eventparam use-after-free vulnerability
2010-01-20 00:00:00
prion
prion
Memory corruption
2010-01-15 17:30:00
securityvulns
securityvulns
Code to mitigate IE event zero-day (CVE-2010-0249)
2010-01-19 00:00:00
Microsoft Security Bulletin MS10-002 - Critical Cumulative Security Update for Internet Explorer (978207)
2010-01-22 00:00:00
Microsoft Internet Explorer Multiple security vulnerabilities
2010-01-23 00:00:00
cert
cert
Microsoft Internet Explorer HTML object memory corruption vulnerability
2010-01-14 00:00:00
cve
cve
CVE-2010-0249
2010-01-15 17:30:00
seebug
seebug
Internet Explorer Aurora Exploit
2010-01-18 00:00:00
cvelist
cvelist
CVE-2010-0249
2010-01-15 17:00:00
openvas
openvas
Microsoft Internet Explorer Remote Code Execution Vulnerability (979352)
2010-01-20 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (978207)
2010-01-22 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (978207)
2010-01-22 00:00:00
exploitdb
exploitdb
Microsoft Internet Explorer 6 - 'Aurora' Memory Corruption (MS10-002)
2010-01-17 00:00:00
threatpost
threatpost
Microsoft Knew of IE Zero-Day Flaw Since September
2010-01-21 20:40:23
mskb
mskb
MS10-002: Cumulative security update for Internet Explorer
2014-06-23 07:27:25
nessus
nessus
MS10-002: Cumulative Security Update for Internet Explorer (978207)
2009-01-21 00:00:00

8.9 High

AI Score

Confidence

High

0.967 High

EPSS

Percentile

99.6%

JSON
Related for OPENVAS:1361412562310800429
checkpoint_advisories4symantec1exploitpack1canvas1packetstorm4saint4prion1securityvulns3cert1cve1seebug1cvelist1openvas3exploitdb1threatpost1mskb1nessus1