Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability."
References
Link | Resource |
---|---|
http://www.securitytracker.com/id?1024872 | Broken Link Third Party Advisory VDB Entry |
http://www.us-cert.gov/cas/techalerts/TA10-348A.html | Third Party Advisory US Government Resource |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-090 | Patch Vendor Advisory |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12322 | Tool Signature |
http://www.securitytracker.com/id?1024872 | Broken Link Third Party Advisory VDB Entry |
http://www.us-cert.gov/cas/techalerts/TA10-348A.html | Third Party Advisory US Government Resource |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-090 | Patch Vendor Advisory |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12322 | Tool Signature |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
21 Nov 2024, 01:18
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securitytracker.com/id?1024872 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.us-cert.gov/cas/techalerts/TA10-348A.html - Third Party Advisory, US Government Resource | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-090 - Patch, Vendor Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12322 - Tool Signature |
Information
Published : 2010-12-16 19:33
Updated : 2024-11-21 01:18
NVD link : CVE-2010-3346
Mitre link : CVE-2010-3346
CVE.ORG link : CVE-2010-3346
JSON object : View
Products Affected
microsoft
- windows_vista
- windows_7
- windows_xp
- windows_server_2003
- windows_server_2008
- internet_explorer
CWE
CWE-908
Use of Uninitialized Resource