|
|||
Rule General Information |
---|
Release Date: | 2020-04-27 | |
Rule Name: | Microsoft Internet Explorer Invalid Pointer Remote Code Execution Vulnerability -2 (CVE-2010-0806) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, aka "Uninitialized Memory Corruption Vulnerability." | |
Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
Affected OS: | Windows | |
Reference: | MicrosoftSecurityBulletin:981374 MicrosoftSecurityBulletin:ms10-018 http://blogs.technet.com/msrc/archive/2010/03/09/security-advisory-981374-released.aspx http://www.kb.cert.org/vuls/id/744549 |
|
Solutions |
---|
The vendors have released upgrade patches to fix vulnerabilities, please visit: http://technet.microsoft.com/en-us/security/bulletin/MS10-018 |