CVE-2010-0245

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0246.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:8.0.6001:*:*:*:*:*:*:*
OR cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*

History

21 Nov 2024, 01:11

Type Values Removed Values Added
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/55775 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/55775 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8491 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8491 -

07 Dec 2023, 18:38

Type Values Removed Values Added
CPE cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*

Information

Published : 2010-01-22 22:00

Updated : 2024-11-21 01:11


NVD link : CVE-2010-0245

Mitre link : CVE-2010-0245

CVE.ORG link : CVE-2010-0245


JSON object : View

Products Affected

microsoft

  • windows_server_2008
  • windows_server_2003
  • windows_vista
  • internet_explorer
  • windows_xp
  • windows_7
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')