CVE-2010-1261

HIGH

Description

The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

References

http://osvdb.org/65214

http://support.avaya.com/css/P8/documents/100089747

http://www.us-cert.gov/cas/techalerts/TA10-159B.html

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-035

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7124

Details

Source: MITRE

Published: 2010-06-08

Updated: 2018-10-30

Type: CWE-94

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (1 total)

IDNameProductFamilySeverity
46842MS10-035: Cumulative Security Update for Internet Explorer (982381)NessusWindows : Microsoft Bulletins
high