Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, CVE-2010-0245, and CVE-2010-0246.
References
Link | Resource |
---|---|
http://www.us-cert.gov/cas/techalerts/TA10-222A.html | Third Party Advisory US Government Resource |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053 | Patch Vendor Advisory |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11984 | Tool Signature |
http://www.us-cert.gov/cas/techalerts/TA10-222A.html | Third Party Advisory US Government Resource |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053 | Patch Vendor Advisory |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11984 | Tool Signature |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 01:16
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.us-cert.gov/cas/techalerts/TA10-222A.html - Third Party Advisory, US Government Resource | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053 - Patch, Vendor Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11984 - Tool Signature |
Information
Published : 2010-08-11 18:47
Updated : 2024-11-21 01:16
NVD link : CVE-2010-2559
Mitre link : CVE-2010-2559
CVE.ORG link : CVE-2010-2559
JSON object : View
Products Affected
microsoft
- windows_server_2008
- windows_server_2003
- windows_vista
- internet_explorer
- windows_xp
- windows_7
CWE
CWE-908
Use of Uninitialized Resource