3 matches found
CVE-2010-0245
CVE-2010-0245 describes an Uninitialized Memory Corruption vulnerability in Microsoft Internet Explorer 8 where accessing an uninitialized or deleted in-memory object can lead to remote code execution. The connected KB (MS10-002) confirms this class of issue affects Internet Explorer and provides...
Microsoft IE基线标签渲染远程代码执行漏洞(MS10-002)
BUGTRAQ ID: 37895 CVE ID: CVE-2010-0245 Internet Explorer是Windows操作系统中默认捆绑的web浏览器。 如果交错的strike和center标签中包含用用于操控sub或sup等字体基线的元素的话,则在IE渲染该标签时存在释放后使用错误。在删除这个元素指针的时候,IE之后会引用已被释放的指针。 攻击者可以通过构建特制的网页来利用该漏洞,当用户查看网页时,该漏洞可能允许远程执行代码。 Microsoft Internet Explorer 8.0 临时解决方法: 将Internet...
Internet Explorer 8 Overlap Components Memory Corruption (MS09-072; CVE-2009-3671; CVE-2010-0245; CVE-2010-0246)
Microsoft Internet Explorer is the most widely used Internet browser. A memory corruption vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been correctly initialized or has been deleted. To trigge...