CVE-2010-2559

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 11-08-2010 08:47

Last modified: - 28-02-2022 06:31

Total changes: - 2

Description

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, CVE-2010-0245, and CVE-2010-0246.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:N/C:C/I:C/A:C

Low

Attack complexity

Network

Attack vector

High

Availability

High

Confidentiality

High

Integrity

Privileges required

Scope

User interaction

9.3

Base score

8.6

10.0

Exploitability score

Impact score

Verification logic

AND

vendor=microsoft AND product=internet_explorer AND version=8

vendor=microsoft AND product=windows_7 AND version=-

vendor=microsoft AND product=windows_server_2003 AND version=- AND update=sp2

vendor=microsoft AND product=windows_server_2008 AND version=- AND update=-

vendor=microsoft AND product=windows_server_2008 AND version=- AND update=sp2

vendor=microsoft AND product=windows_server_2008 AND version=r2

vendor=microsoft AND product=windows_vista AND version=- AND update=sp1

vendor=microsoft AND product=windows_vista AND version=- AND update=sp2

vendor=microsoft AND product=windows_xp AND version=- AND update=sp2 AND software_edition=professional AND target_hardware=x64

vendor=microsoft AND product=windows_xp AND version=- AND update=sp3

Reference

TA10-222A-Third Party Advisory, US Government Resource
oval:org.mitre.oval:def:11984-Tool Signature
MS10-053-Patch, Vendor Advisory

Keywords

CVE-2010-2559

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2010-2559

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures